On 12/02/12 21:24, Robert Millan wrote: >> If anyone allows the use of sudo for /bin/mount, that should reset the >> environment to something sane, so they should not be at risk. > > Wouldn't it be better to fix the bug instead?
Yes, of course... > ... I could cherry-pick the > execvP() fix from upstream, but that requires importing the whole > execvP() implementation so I'd rather be sure it's what we need. If it is easier, here is the older method used upstream before execvP and paths.h: http://svnweb.freebsd.org/base/head/sbin/mount/mount.c?r1=117030&r2=117031 Regards, -- Steven Chamberlain [email protected] -- To UNSUBSCRIBE, email to [email protected] with a subject of "unsubscribe". Trouble? Contact [email protected]
