search

dyne / tomb

the Crypto Undertaker
https://dyne.org/software/tomb
GNU General Public License v3.0
1.32k stars 150 forks source link

lo_mount: check for loop support needs privilege escalation #437

Closed Narrat closed 2 years ago

Narrat commented 2 years ago

If there is no free loop device, the call of loopsetup -f will create one and return it. For this it needs privilege escalation. It doesn't need those, if there is already an used device, but that cannot be guaranteed.

Closes #436

Just readds the logic before the change. Maybe there is a better way to check for loop support?

Narrat commented 2 years ago

Looking at the whole lo_mount() function. Isn't there a chance for a race condition? It checks for loop support and sets TOMBLOOP. If that succeeds it will mount the loop device with the next free device. But in the small time window between the two commands something different could grab hold of the one saved in TOMBLOOP and the actual tomb would be mounted in a different device. But the incorrect one would be saved in TOMBLOOPDEVS. Probably not likely to happen, but nevertheless sth that should be avoided at all?

jaromil commented 2 years ago

Yes, there can be a race condition as you mention.