On Wed, 17 May 2000, Blu3 wrote:
> On Thu, 18 May 2000, Alexander Viro wrote:
> > So fix them - not to mention the fact that GUI suid-root anything is a
> > _really_ scary idea, if application wants to have <foo> done at most once
> > it should not call <foo> the second time.
>
> I agree, broken apps should be fixed. However some apps may use the
> de-facto mount-once standard. GUI suid happens. It's the only way to
> access raw devices from a user. GUI suid is the same suid as any other
> really.
Yes, except that GUI _anything_ involves a bunch of libraries that never
were audited with suid-root in mind. And the main activity of said
libraries is dealing with user-controlled input... I dearly hope that
this GUI mount actually calls mount(8) - assuming the authors' sanity it's
the only reasonable variant, but that's a heck of undemonstrated
assumption...
How many applications are doing that, anyway? Could somebody give a list -
surely there shouldn't be too many of them?
> > > Why the change in expected behavior, why allow the same mount to happen
> > > numerous times?
> >
> > What does "same" mean here?
>
> mount /dev/floppy/0 /floppy
> mount /dev/floppy/0 /floppy
> mount /dev/floppy/0 /floppy
> mount /dev/floppy/0 /floppy
>
> ...
> shows four mounts exactly the same.
I _really_ don't believe that such a test is a job for kernel.
[snip fs busy being broken]
> 2.3.99-pre9-2, I'll check this. It's quite possible it opens/closes when
> necessary.
>
> --
> Ok, the in use flag appears to operate correctly, strike the previous
> report.
>
> -d
Interesting .sig you've got there... Nevermind.
Ob.sig: <snarf>, and that goes into local fortune file.
-- GUI suid happens. david@killerlabs.com on l-k- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu May 18 2000 - 03:08:04 EDT