Hello, The first patch moves all global variables to new struct swapon_ctl, and the second does the same for few variables introduced during execution. This should make reading what happens in swapon.c a little bit easier. The last change will forbid executing mkswap when swapon has setuid bit, and it has taken effect. This should make simple PATH preference execvp() hijack vulnerability go away, among other similar setuid execution issues. I do not think this change is CVE worty because swapon(8) is _not_ expected to have setuid. The point of this change is to add at least some safety mechanism for users are aiming to shoot their own feets. Sami Kerola (3): swapon: add control struct swapon: move function arguments to control structure swapon: do not run execvp() calls when swapon is setuid binary sys-utils/swapon.c | 381 +++++++++++++++++++++++++++-------------------------- 1 file changed, 193 insertions(+), 188 deletions(-) -- 2.7.0 -- To unsubscribe from this list: send the line "unsubscribe util-linux" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
