mount helper in C committed
Ludwig Nussel
ludwig.nussel at suse.de
Thu Mar 16 05:15:12 PST 2006
On Monday 06 March 2006 23:43, David Zeuthen wrote:
> 1. Should be a lot easier to audit and a lot more secure as it doesn't
> pull in all of bash
I wouldn't say that in general.
> 2. Allow anything without '/' as valid mount point
mount happily accepts control characters in mount points. That
doesn't disturb the shell but unfortunately mount displays them if
you run it without parameters (or cat /etc/mtab /proc/mounts). So
you can have e.g. terminal escape sequences executed. I'd remove or
substitute non printable ascii characters. They are just binary
garbage after all.
cu
Ludwig
--
(o_ Ludwig Nussel
//\ SUSE LINUX Products GmbH, Development
V_/_ http://www.suse.de/
More information about the hal
mailing list