#9 Allow mode to be specified when mounting

closed
nobody
None
5
2006-06-01
2005-10-01
Anonymous
No

I'd like to mount a webdav server such that the
directory in the filesystem is readable by all users on
the machine. Currently, when mounting using davfs2, the
mode is set to 700 for directories and 600 for files,
but I'd like to be able to override this with an option
in fstab (perhaps via a "mode=xyz" option) so that all
files and directories on the mount are viewable by all
users on the machine.

Discussion

  • Nobody/Anonymous

    Logged In: NO

    After looking at the source code, it seems that this option
    used to be here, but was taken out since it was a security
    issue. My little knowledge of C suggests to me that this was
    because, although the file and dir perms were being set
    correctly, there was no code to actually check the perms on
    the file when a user read/wrote to the file. Looks like you
    went for a simple fix of hardcoding the perms so that a
    simple check (userID == file.userID || user = root) could be
    used as a short term stopgap. I've had a play with the
    source and reverted the change in the copy I've got at home,
    since it'll only be my wife and I with access to the mount
    points, and that seems to work reasonably well.

    However, this is where my knowledge of C rather breaks down.
    Mounting the first davfs point seems to work ok, but
    subsequent ones cause core dumps. I've tracked the issue
    down the the fact that, in get_free_device, after each
    iteration NE_FREE(device) and NE_FREE(dav_pidfile) are
    called. This means that on the second iteration, both
    pointers are pointing at 0x0, and subsequent updates to them
    cause core dumps, since (presumably) they're writing to an
    invalid memory range. Removing these calls seems to fix the
    issue, though I guess my version may now have a small memory
    leak. I'm confused as to how this ever worked though, and
    would appreciate some enlightenment (I'm a java programmer
    by trade, and so the whole memory allocation world is
    unfamiliar territory).

    Many thanks.

     
  • Werner Baumann

    Werner Baumann - 2005-10-08

    Logged In: YES
    user_id=1260327

    Hello,

    concerning permissions: It is just the way you desribe it.
    It's on our TODO-list, but propably will stay there some time.

    Error in get_free_device(char **device):

    It is the NE_FREE(device); should be NE_FREE(*device).
    I have taken the pointer to the pointer instead of the pointer.

    Some explanation for those poor Java programmers thar are
    not allowed to do this kind of fault.
    get_free_device first searches /proc/mounts and /etc/mtab
    for minor numbers in use and excludes them from the list. It
    then starts with the lowest free minor number and builds
    strings for the device-name and the pid-file-name. Then it
    checks wether the pid-file allready exists. In this case it
    will (and shall) free the allocated strings for this names.
    It will try the same with the next free minor number until
    there is no pid-file or no more minor number.
    dav_pidfile is one of these C-strings, aka a pointer to char.
    But device is a pointer to a C-string, aka pointer to a
    pointer to char. This is necessary to do something like
    "pass by reference" with int asprintf (char **ptr, const
    char *template, ...) and int get_free_device(char **device).

    Why this bug has passed?
    davfs2 will only have to free the strings for device and
    pid-file, if there is a pidfile but no entry in /proc/mounts
    or /etc/mtab for this device. This should not happen, but it
    may happen, when mount-davfs crashed before.
    So it might be a good idea to clean the /var/run/mount.davfs
    directory from stale pid-files.

    The bug is fixed in the CVS repository.

    Thanks for the error report
    Werner

     
  • Werner Baumann

    Werner Baumann - 2006-06-01
    • status: open --> closed
     

Log in to post a comment.