Re: [PATCH] make automounter runnable in foreground and add stderr logging
From: Valdis . Kletnieks
Date: Thu Oct 07 2004 - 22:12:15 EST
On Thu, 07 Oct 2004 20:49:17 +0300, Denis Vlasenko said:
> PS: is there a reason why automount does this?
>
> /* include/config.h. Generated by configure. */
> #define PATH_MOUNT "/usr/bin/mount"
> #define PATH_UMOUNT "/usr/bin/umount"
> #define PATH_E2FSCK "/usr/bin/fsck.ext2"
> #define PATH_E3FSCK "/usr/bin/fsck.ext3"
>
> We have $PATH for ages...
Yes, and sometimes you specifically want to make sure you pick up the
right official binary, and not some other one that happens to be in $PATH.
If somebody manages to get automount launched with an insecure $PATH, you
could end up invoking a trojaned mount command (remember why "." in $PATH
is a security issue....)
Attachment:
pgp00000.pgp
Description: PGP signature