FreeBSD Bugzilla – Attachment 209942 Details for
Bug 241684
autofs: no way to have permissions other than 755 for automounted media
Home
|
New
|
Browse
|
Search
|
[?]
|
Reports
|
Help
|
New Account
|
Log In
Remember
[x]
|
Forgot Password
Login:
[x]
[patch]
mount_msdosfs hack
mount_msdosfs.c.patch (text/plain), 2.61 KB, created by
Jason W. Bacon
on 2019-12-14 15:25:17 UTC
(
hide
)
Description:
mount_msdosfs hack
Filename:
MIME Type:
Creator:
Jason W. Bacon
Created:
2019-12-14 15:25:17 UTC
Size:
2.61 KB
patch
obsolete
>--- mount_msdosfs.c.orig 2019-12-14 09:06:44.488687000 -0600 >+++ mount_msdosfs.c 2019-12-14 09:04:50.696785000 -0600 >@@ -58,6 +58,7 @@ > #include <unistd.h> > > #include "mntopts.h" >+#include "mount_msdosfs.h" > > static gid_t a_gid(char *); > static uid_t a_uid(char *); >@@ -71,19 +72,48 @@ > struct iovec *iov = NULL; > int iovlen = 0; > struct stat sb; >+ FILE *fp; > int c, set_gid, set_uid, set_mask, set_dirmask; > char *dev, *dir, mntpath[MAXPATHLEN], *csp; > char fstype[] = "msdosfs"; > char errmsg[255] = {0}; > char *cs_dos = NULL; > char *cs_local = NULL; >+ char *confp = NULL, *tok = NULL, flags[FLAGS_MAX_LEN + 1]; >+ char *local_argv[ARG_MAX]; >+ int local_argc = 1; > mode_t mask = 0, dirmask = 0; > uid_t uid = 0; > gid_t gid = 0; > > set_gid = set_uid = set_mask = set_dirmask = 0; > >- while ((c = getopt(argc, argv, "sl9u:g:m:M:o:L:D:W:")) != -1) { >+ /* Insert flags from conf before argv[1] */ >+ local_argv[0] = argv[0]; >+ if ( secure_conf(CONF_FILE, &sb, argv) != -1 ) >+ { >+ if ( (fp = fopen(CONF_FILE, "r")) != NULL ) >+ { >+ fgets(flags, FLAGS_MAX_LEN, fp); >+ flags[strlen(flags)-1] = '\0'; >+ for (c = 1, confp = flags; >+ (tok = strsep(&confp, " \t")) != NULL; ++c) >+ { >+ local_argv[c] = tok; >+ } >+ local_argc = c; >+ fclose(fp); >+ } >+ } >+ for (c = 1; c <= argc; ++c) >+ { >+ local_argv[local_argc + c - 1] = argv[c]; >+ } >+ local_argc += argc - 1; >+ for (c = 0; c <= local_argc; ++c) >+ printf("argv[%d] = %s\n", c, local_argv[c]); >+ >+ while ((c = getopt(local_argc, local_argv, "sl9u:g:m:M:o:L:D:W:")) != -1) { > switch (c) { > case 's': > build_iovec(&iov, &iovlen, "shortnames", NULL, (size_t)-1); >@@ -164,7 +194,7 @@ > } > } > >- if (optind + 2 != argc) >+ if (optind + 2 != local_argc) > usage(); > > if (set_mask && !set_dirmask) { >@@ -176,8 +206,8 @@ > set_mask = 1; > } > >- dev = argv[optind]; >- dir = argv[optind + 1]; >+ dev = local_argv[optind]; >+ dir = local_argv[optind + 1]; > > if (cs_local != NULL) { > if (set_charset(&iov, &iovlen, cs_local, cs_dos) == -1) >@@ -227,7 +257,7 @@ > err(1, "%s", dev); > } > >- exit (0); >+ exit (EX_OK); > } > > gid_t >@@ -323,4 +353,26 @@ > } > > return (0); >+} >+ >+ >+int secure_conf(const char *filename, struct stat *sb, char *argv[]) >+ >+{ >+ int status; >+ >+ if ( (status = stat(filename, sb)) != -1 ) >+ { >+ if ( (sb->st_uid != 0) || (sb->st_gid != 0) ) >+ { >+ fprintf(stderr, "%s: Security issue: %s must be owned by root/wheel!\n", argv[0], CONF_FILE); >+ exit(EX_OSFILE); >+ } >+ if ( sb->st_mode &(S_IWGRP|S_IWOTH) ) >+ { >+ fprintf(stderr, "%s: Security issue: %s cannot be group or world writable!\n", argv[0], CONF_FILE); >+ exit(EX_OSFILE); >+ } >+ } >+ return status; > }
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=209942">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 241684
:
209942
|
209943
|
210141
|
210468
|
210469
|
210470