diff options
| author | Jeff Layton <jlayton@samba.org> | 2010-04-12 06:55:24 -0400 |
|---|---|---|
| committer | Jeff Layton <jlayton@samba.org> | 2010-04-12 06:55:24 -0400 |
| commit | 310ae910b548e232cc86b34896bd7010c3b1cad2 (patch) | |
| tree | 09d39ad1e0038140254866033d54c685433f6702 | |
| parent | e4593787a6488573fbec99e5ee604a2e25bc1e5c (diff) | |
| download | cifs-utils-310ae910b548e232cc86b34896bd7010c3b1cad2.tar.gz cifs-utils-310ae910b548e232cc86b34896bd7010c3b1cad2.tar.bz2 cifs-utils-310ae910b548e232cc86b34896bd7010c3b1cad2.zip | |
cifs: enable CAP_DAC_READ_SEARCH before chdir() and realpath() calls
It's possible that root won't have privileges to chdir or evaluate the
paths without that capability.
Signed-off-by: Jeff Layton <jlayton@samba.org>
| -rw-r--r-- | configure.ac | 2 | ||||
| -rw-r--r-- | mount.cifs.c | 6 |
2 files changed, 7 insertions, 1 deletions
diff --git a/configure.ac b/configure.ac index f1bd419..c56a944 100644 --- a/configure.ac +++ b/configure.ac @@ -1,7 +1,7 @@ # -*- Autoconf -*- # Process this file with autoconf to produce a configure script. -AC_INIT([cifs-utils], [4.3], [cifs-utils@samba.org], [cifs-utils], [http://linux-cifs.samba.org/cifs-utils/]) +AC_INIT([cifs-utils], [4.3.1], [cifs-utils@samba.org], [cifs-utils], [http://linux-cifs.samba.org/cifs-utils/]) AC_CONFIG_SRCDIR([replace.h]) AC_CONFIG_HEADERS([config.h]) AC_CONFIG_FILES([Makefile]) diff --git a/mount.cifs.c b/mount.cifs.c index 1aa3329..acab8c8 100644 --- a/mount.cifs.c +++ b/mount.cifs.c @@ -1596,6 +1596,9 @@ int main(int argc, char **argv) mountpoint = argv[optind + 1]; /* chdir into mountpoint as soon as possible */ + rc = toggle_dac_capability(0, 1); + if (rc) + return rc; rc = chdir(mountpoint); if (rc) { fprintf(stderr, "Couldn't chdir to %s: %s\n", mountpoint, @@ -1611,6 +1614,9 @@ int main(int argc, char **argv) rc = EX_SYSERR; goto mount_exit; } + rc = toggle_dac_capability(0, 0); + if (rc) + return rc; /* * mount.cifs does privilege separation. Most of the code to handle |