Comment 8 for bug 910341

Serge Hallyn (serge-hallyn) wrote : Re: [Bug 910341] Re: ecryptfs-(u-)mount-private should emit an upstart event

Quoting Dustin Kirkland (<email address hidden>):
> On Sun, Jan 8, 2012 at 8:46 AM, Marcus <email address hidden> wrote:
> > initctl emit ecryptfs-mounted-private USER=$USER MOUNTPOINT=$MOUNTPOINT
> > SOMEKEY=$SOMEVALUE
>
> Does this have to be executed as the root user?

Yes, it does. And mount.ecryptfs-private is setuid-root, so it can be
executed by non-root. It's probably no big deal, but it means that
$USER, $MOUNTPOINT, and $SOMEVALUE will be passed to root-owned jobs,
and in the past perhaps have been assumed to come from ('trusted') root
tasks. I don't know how carefully those get sanitized along the chain.

It may be no big deal, but any time something which in the past may have
assumed 'trusted' input is going to be handed untrusted input, it's worth
worrying about.
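
The concern raised in this comment, as an added example that is not part of the original thread and is not ecryptfs or upstart code: a root-owned job that receives `USER` and `MOUNTPOINT` from the event can validate them against a strict allowlist before use. The function names, the accepted character sets and the 32-character limit are assumptions chosen for illustration.

```shell
#!/bin/sh
# Added example: validate event variables that may come from an
# unprivileged caller before a root-owned job acts on them.
# All function names and accepted patterns are assumptions.
LC_ALL=C; export LC_ALL   # make the a-z / 0-9 ranges byte-exact

# Conservative login-name check: 1..32 chars, first is a-z or '_',
# the rest a-z, 0-9, '_' or '-'. Anything else (spaces, ';', newlines) fails.
valid_user() {
    [ -n "$1" ] && [ "${#1}" -le 32 ] || return 1
    case "$1" in
        [!a-z_]*) return 1 ;;
        *[!a-z0-9_-]*) return 1 ;;
    esac
    return 0
}

# Mount point must be an absolute path built only from allowlisted
# characters, with no ".." component.
valid_mountpoint() {
    case "$1" in
        /*) ;;
        *) return 1 ;;
    esac
    case "$1" in
        *[!A-Za-z0-9/._-]*) return 1 ;;
        */../*|*/..) return 1 ;;
    esac
    return 0
}

# Hypothetical handler body for the root-owned job: reject the event
# outright on bad input, and only ever use the values quoted, never
# through eval or an unquoted expansion.
handle_mount_event() {
    valid_user "$1" || { echo "rejecting event: bad USER" >&2; return 1; }
    valid_mountpoint "$2" || { echo "rejecting event: bad MOUNTPOINT" >&2; return 1; }
    printf 'user=%s mountpoint=%s\n' "$1" "$2"
}
```

The path allowlist deliberately rejects spaces and shell metacharacters, so a job using it would refuse some legitimate but unusual mount points rather than pass them along.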