diff options
| author | Jeff Layton <jlayton@redhat.com> | 2010-04-01 15:28:54 -0400 |
|---|---|---|
| committer | Jeff Layton <jlayton@redhat.com> | 2010-04-01 15:28:54 -0400 |
| commit | 810f7e4e0f2dbcbee0294d9b371071cb08268200 (patch) | |
| tree | 5541ab286a1a404786e7c0cb32d9d9931b65319e /data_blob.h | |
| parent | 294215ef969ce3ecb91063fbbb8a8c075272cc8d (diff) | |
| download | cifs-utils-810f7e4e0f2dbcbee0294d9b371071cb08268200.tar.gz cifs-utils-810f7e4e0f2dbcbee0294d9b371071cb08268200.tar.bz2 cifs-utils-810f7e4e0f2dbcbee0294d9b371071cb08268200.zip | |
mount.cifs: guard against signals by unprivileged users
If mount.cifs is setuid root, then the unprivileged user who runs the
program can send the mount.cifs process a signal and kill it. This is
not a huge problem unless we happen to be updating the mtab at the
time, in which case the mtab lockfiles might not get cleaned up.
To remedy this, have the privileged mount.cifs process set its real
uid to the effective uid (usually, root). This prevents unprivileged
users from being able to signal the process.
While we're at it, also mask off signals while we're updating the
mtab. This leaves a SIGKILL by root as the only way to interrupt the
mtab update, but there's really nothing we can do about that.
Signed-off-by: Jeff Layton <jlayton@redhat.com>
Diffstat (limited to 'data_blob.h')
0 files changed, 0 insertions, 0 deletions