]>
git.ipfire.org Git - thirdparty/util-linux.git/commit
libmount: compose mount.<type> helpers paths more carefully
The [u]mount helper path is "/sbin/mount.<type>", the <type> should not
be possible to interpret like a path, for example:
# mkdir /sbin/mount.fake
# mount -t fake/../../../home/user/foo.sh
Anyway, this is *not mount(8) security issue*, because:
- non-root users don't have permissions to specify -t on mount(8)
command line
- /sbin is not writable for regular users
This patch makes libmount more robust for situations when the library
is used by incompetent developers who don't sanitize user's input.
Reported-by: "Horsfall, Matthew" <mhorsfal@akamai.com>
Signed-off-by: Karel Zak <kzak@redhat.com>