Return-Path: <linux-kernel-owner+willy=40w.ods.org-S267739AbUJGSZ3@vger.kernel.org>
Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand
	id S267739AbUJGSZ3 (ORCPT <rfc822;willy@w.ods.org>);
	Thu, 7 Oct 2004 14:25:29 -0400
Received: (majordomo@vger.kernel.org) by vger.kernel.org id S267638AbUJGSUX
	(ORCPT <rfc822;linux-kernel-outgoing>);
	Thu, 7 Oct 2004 14:20:23 -0400
Received: from turing-police.cc.vt.edu ([128.173.14.107]:29866 "EHLO
	turing-police.cc.vt.edu") by vger.kernel.org with ESMTP
	id S267552AbUJGSSF (ORCPT <rfc822;linux-kernel@vger.kernel.org>);
	Thu, 7 Oct 2004 14:18:05 -0400
Message-Id: <200410071817.i97IHnPZ017247@turing-police.cc.vt.edu>
X-Mailer: exmh version 2.7.1 07/26/2004 with nmh-1.1-RC3
To: Denis Vlasenko <vda@port.imtp.ilyichevsk.odessa.ua>
Cc: Ian Kent <raven@themaw.net>, LKML <linux-kernel@vger.kernel.org>
Subject: Re: [PATCH] make automounter runnable in foreground and add stderr logging 
In-Reply-To: Your message of "Thu, 07 Oct 2004 20:49:17 +0300."
             <200410072049.18059.vda@port.imtp.ilyichevsk.odessa.ua> 
From: Valdis.Kletnieks@vt.edu
References: <200410072049.18059.vda@port.imtp.ilyichevsk.odessa.ua>
Mime-Version: 1.0
Content-Type: multipart/signed; boundary="==_Exmh_48805551P";
	 micalg=pgp-sha1; protocol="application/pgp-signature"
Content-Transfer-Encoding: 7bit
Date: Thu, 07 Oct 2004 14:17:49 -0400
Sender: linux-kernel-owner@vger.kernel.org
X-Mailing-List: linux-kernel@vger.kernel.org
Content-Length: 1295
Lines: 39

--==_Exmh_48805551P
Content-Type: text/plain; charset=us-ascii

On Thu, 07 Oct 2004 20:49:17 +0300, Denis Vlasenko said:

> PS: is there a reason why automount does this?
> 
> /* include/config.h.  Generated by configure.  */
> #define PATH_MOUNT "/usr/bin/mount"
> #define PATH_UMOUNT "/usr/bin/umount"
> #define PATH_E2FSCK "/usr/bin/fsck.ext2"
> #define PATH_E3FSCK "/usr/bin/fsck.ext3"
> 
> We have $PATH for ages...

Yes, and sometimes you specifically want to make sure you pick up the
right official binary, and not some other one that happens to be in $PATH.
If somebody manages to get automount launched with an insecure $PATH, you
could end up invoking a trojaned mount command (remember why "." in $PATH
is a security issue....)

--==_Exmh_48805551P
Content-Type: application/pgp-signature

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.6 (GNU/Linux)
Comment: Exmh version 2.5 07/13/2001

iD8DBQFBZYhNcC3lWbTT17ARAt81AJ0S4sKEKMlZR73LRN04hC8wjMXGagCeOBMj
mfJQsU+/NqXFKWPc4D+TuHs=
=WJz6
-----END PGP SIGNATURE-----

--==_Exmh_48805551P--
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/