Even more paranoia

author: hpa <hpa> 2003-02-06 06:37:50 +0000
committer: hpa <hpa> 2003-02-06 06:37:50 +0000
commit: 27abf9b09143d0c4248c7085c6ac68e4ed9d07e9 (patch)
tree: 0b687aba6bc78574140b88e9b3e7cbdc4a576696
parent: 9c962235c2798ab10f5131101adb125b1d8c72e7 (diff)
download: syslinux-27abf9b09143d0c4248c7085c6ac68e4ed9d07e9.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/syslinux.c b/syslinux.c
index da646f6b..e1188a4d 100644
--- a/syslinux.c
+++ b/syslinux.c
@@ -434,11 +434,11 @@ int main(int argc, char *argv[])
       setuid(0);
       if ( S_ISREG(st.st_mode) ) {
 	snprintf(mnt_opts, sizeof mnt_opts,
-		 "rw,nodev,noexec,loop,offset=%" PRIdMAX ",umask=077,uid=%lu",
+		 "rw,nodev,noexec,nosuid,loop,offset=%" PRIdMAX ",umask=077,uid=%lu",
 		 (uintmax_t)offset, (unsigned long)ruid);
       } else {
 	snprintf(mnt_opts, sizeof mnt_opts,
-		 "rw,nodev,noexec,umask=077,uid=%lu",
+		 "rw,nodev,noexec,nosuid,umask=077,uid=%lu",
 		 (unsigned long)ruid);
       }
       /* We're root, use clean_environ */
@@ -505,7 +505,7 @@ umount:
   } else if ( f == 0 ) {
     seteuid(0);		/* ***BECOME ROOT*** */
     setuid(0);
-    execl(_PATH_UMOUNT, _PATH_UMOUNT, mntpath, NULL);
+    execle(_PATH_UMOUNT, _PATH_UMOUNT, mntpath, NULL, clean_environ);
   }
 
   w = waitpid(f, &status, 0);
author	hpa <hpa>	2003-02-06 06:37:50 +0000
committer	hpa <hpa>	2003-02-06 06:37:50 +0000
commit	27abf9b09143d0c4248c7085c6ac68e4ed9d07e9 (patch)
tree	0b687aba6bc78574140b88e9b3e7cbdc4a576696
parent	9c962235c2798ab10f5131101adb125b1d8c72e7 (diff)
download	syslinux-27abf9b09143d0c4248c7085c6ac68e4ed9d07e9.tar.gz