Quoting Dustin Kirkland ([email protected]):
> On Sun, Jan 8, 2012 at 8:46 AM, Marcus <[email protected]> wrote:
> > initctl emit ecryptfs-mounted-private USER=$USER MOUNTPOINT=$MOUNTPOINT
> > SOMEKEY=$SOMEVALUE
>
> Does this have to be executed as the root user?
Yes, it does. And mount.ecryptfs-private is setuid-root, so it can be
executed by non-root. It's probably no big deal, but it means that
$USER, $MOUNTPOINT, and $SOMEVALUE will be passed to root-owned jobs,
and in the past perhaps have been assumed to come from ('trusted') root
tasks. I don't know how carefully those get sanitized along the chain.
It may be no big deal, but any time something which in the past may have
assumed 'trusted' input is going to be handed untrusted input, it's worth
worrying about.
--
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
https://bugs.launchpad.net/bugs/910341
Title:
ecryptfs-(u-)mount-private should emit an upstart event
To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/910341/+subscriptions
--
ubuntu-bugs mailing list
[email protected]
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
