Re: question about hardcoded binary paths (swapon / mkswap)

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

On Thursday 02 April 2015, Karel Zak wrote:
> On Thu, Apr 02, 2015 at 12:19:52PM -0400, Mike Frysinger wrote:
> > On 02 Apr 2015 10:20, Karel Zak wrote:
> > > If I good remember then the reason is that the helpers does not
> > > have to be installed in standard PATH. Well, you're author of
> > > this thing
> > >
> > > :-)
> >
> > i wrote the code to make it a configure option, but the actual
> > behavior predates me.  i'm interested more in the behavior, not the
> > exact configure option.
>
>  So, the basis question is if we really need to support non-standard
>  paths for the helpers. IMHO it's unnecessary legacy and I don't see
> a problem to drop this feature and require $PATH, and for critical
> things like fsck fallback to /sbin if $PATH is undefined.
>
>  Comments?

I would like to use PATH too but also fallback if PATH is defined. That 
means we just need to append our fallback path to PATH always.

The fallback path(s) may depend on what we are looking for.

In case we search an ul binary we should add the conigured and the 
default path (which is just one path in default case):

"$PATH:$sbindir:/sbin"   for sbin_PROGRAMS like "fsck" or "mkswap"
"$PATH:$bindir:/bin"     for bin_PROGRAMS like "mount/umount"
"$PATH:$usrsbin_execdir:/usr/sbin"  for usrsbin_exec_PROGRAMS
"$PATH:$usrbin_execdir:/usr/bin"    for usrbin_exec_PROGRAMS

For non-ul programs we should not add any fallback path unless there is 
a POSIX or other well-known one. "/bin/sh" might be the only real 
special case.

> > looks like mkfs added it during the 2.2->2.5 transition, but
> > otherwise no details in the bundled NEWS that i saw.  oh well.
>
>  mkfs is deprecated, the right way is to call directly mkfs.<type>.
>
> > mount makes sense as it's set*id and we can't trust users to not be
> > evil :)
>
>  It does not execute anything with root rights, but yes, hardcoded
>  paths make sense there (just to avoid complexity and external
>  dependencies on environment).

Even for mount I would like "$PATH:$bindir:/bin" too. If PATH is really 
a security issue then at least "$bindir:/bin". configure --prefix=xyz 
should install consistent usable util-linux progs.

cu,
Rudi

--
To unsubscribe from this list: send the line "unsubscribe util-linux" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
[Index of Archives]     [Netdev]     [Ethernet Bridging]     [Linux Wireless]     [Kernel Newbies]     [Security]     [Linux for Hams]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux RAID]     [Linux Admin]     [Samba]

  Powered by Linux