Quoting Dustin Kirkland (<email address hidden>):
> On Sun, Jan 8, 2012 at 8:46 AM, Marcus <email address hidden> wrote:
> > initctl emit ecryptfs-mounted-private USER=$USER MOUNTPOINT=$MOUNTPOINT
> > SOMEKEY=$SOMEVALUE
>
> Does this have to be executed as the root user?
Yes, it does. And mount.ecryptfs-private is setuid-root, so it can be
executed by non-root. It's probably no big deal, but it means that
$USER, $MOUNTPOINT, and $SOMEVALUE will be passed to root-owned jobs,
and in the past perhaps have been assumed to come from ('trusted') root
tasks. I don't know how carefully those get sanitized along the chain.
It may be no big deal, but any time something which in the past may have
assumed 'trusted' input is going to be handed untrusted input, it's worth
worrying about.
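
An added example, not part of the original message and not code from ecryptfs-utils: one way a setuid-root helper could validate the values before handing them to root-owned jobs. The function names and character whitelist are assumptions made for illustration, and argv[1] stands in for the mount point the helper computed.

```c
#include <ctype.h>
#include <pwd.h>
#include <stdio.h>
#include <string.h>
#include <unistd.h>

/* Allow only alphanumerics plus `extra`, so a job expanding it unquoted is safe. */
static int safe_value(const char *s, const char *extra, size_t max)
{
    size_t n = strlen(s);
    if (n == 0 || n > max)
        return 0;
    for (size_t i = 0; i < n; i++)
        if (!isalnum((unsigned char)s[i]) && !strchr(extra, s[i]))
            return 0;
    return 1;
}

/* Absolute path, conservative characters, no ".." path component. */
int safe_mountpoint(const char *p)
{
    if (p[0] != '/' || !safe_value(p, "/._-", 4096))
        return 0;
    for (const char *c = p; (c = strstr(c, "..")) != NULL; c += 2)
        if (c[-1] == '/' && (c[2] == '/' || c[2] == '\0'))
            return 0;
    return 1;
}

/* Take the name from the real UID, never from caller-controlled $USER. */
int trusted_user(char *out, size_t len)
{
    struct passwd *pw = getpwuid(getuid());
    if (pw == NULL || !safe_value(pw->pw_name, "._-", 32))
        return 0;
    return snprintf(out, len, "%s", pw->pw_name) < (int)len;
}

int main(int argc, char **argv)
{
    char user[64];
    if (argc != 2 || !trusted_user(user, sizeof user) || !safe_mountpoint(argv[1])) {
        fprintf(stderr, "refusing to emit event with unvalidated values\n");
        return 1;
    }
    /* Arguments for an exec-style call (no shell); printed here, not run. */
    printf("initctl emit ecryptfs-mounted-private USER=%s MOUNTPOINT=%s\n", user, argv[1]);
    return 0;
}
```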