lib/canonicalize: do restricted canonicalize in a subprocess
Accessing FUSE mounts require suid/sgid (saved uid) to be equal to the
owner of the mount. If mount is running as a setuid process, swapping
creds by only setting the euid/egid isn't enough to change the
suid/sgid as well. We must do a full setuid()/setgid(), but that
removes our ability to re-assume the identity of the original
euid. The solution is swap creds in a child process, preserving the
creds of the parent.
[kzak@redhat.com: - use switch() rather than if() for fork
- use all-io.h
- close unused pipe[] ends
- be more strict about used types]
Addresses: https://github.com/karelzak/util-linux/pull/705
Co-Author: Karel Zak <kzak@redhat.com> Signed-off-by: Karel Zak <kzak@redhat.com>
projects / thirdparty / util-linux.git / commit
