Dear util-linux-ng developers,
I lead the virtualsquare lab at the University of Bologna.
We have implemented several projects like
VDE (virtual distributed ethernet)
purelibc
liblwipv6
view-os (umview/kmview).
All these projects are included in many GNU-Linux official distributions.
View-OS implements partial virtual machines.
Users can "mount" file systems/devices/network stacks etc, view-os provide
users with the virtualization required. (using ptrace or a kernel module
based on utrace).
We have always used the standard "mount" and "umount" commands,
from util-linux-ng but a recent change in the code has broken the compatibility.
Our utility use mount/umount in trace mode so setuid is disabled.
In mount and umount source code since v.2.15-rc1:
{
const uid_t ruid = getuid();
const uid_t euid = geteuid();
/* if we're really root and aren't running setuid */
if (((uid_t)0 == ruid) && (ruid == euid)) {
restricted = 0;
}
}
The previous version was:
if (getuid () != geteuid ()) {
suid = 1;
if (types || options || readwrite || nomtab || mount_all ||
fake || mounttype || (argc + specseen) != 1)
die (EX_USAGE, _("mount: only root can do that"));
}
We need mount/umount to work "unrestricted" also if a user (not root)
is running the executable in non-setuid mode.
If the code is not setuid, the kernel will return appropriate errors when
mount/umount try illegal requests.
So I am asking you to patch the code as follows:
{
const uid_t ruid = getuid();
const uid_t euid = geteuid();
/* if we aren't running setuid */
if (ruid == euid) {
restricted = 0;
}
}
both in mount.c and umount.c
Thank you in advance.
renzo
--
To unsubscribe from this list: send the line "unsubscribe util-linux-ng" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
