Overview

File CVE-2011-1833.patch of Package ecryptfs-utils.import4986

Description: fix race condition when checking source during mount
Author: Marc Deslauriers <marc.deslauriers@canonical.com>
Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/ecryptfs-utils/+bug/732628

Index: ecryptfs-utils-83/src/utils/mount.ecryptfs_private.c
===================================================================
--- ecryptfs-utils-83.orig/src/utils/mount.ecryptfs_private.c
+++ ecryptfs-utils-83/src/utils/mount.ecryptfs_private.c
@@ -501,7 +501,7 @@ int main(int argc, char *argv[]) {
 	if (fnek == 1) {
 		/* Filename encryption is on, so specific the fnek sig */
 		if ((asprintf(&opt,
-"ecryptfs_sig=%s,ecryptfs_fnek_sig=%s,ecryptfs_cipher=%s,ecryptfs_key_bytes=%d",
+"ecryptfs_check_dev_ruid,ecryptfs_sig=%s,ecryptfs_fnek_sig=%s,ecryptfs_cipher=%s,ecryptfs_key_bytes=%d",
 		 sig, sig_fnek, KEY_CIPHER, KEY_BYTES) < 0) ||
 		 opt == NULL) {
 			perror("asprintf (opt)");
@@ -510,7 +510,7 @@ int main(int argc, char *argv[]) {
 	} else {
 		/* Filename encryption is off; legacy support */
 		if ((asprintf(&opt,
-		 "ecryptfs_sig=%s,ecryptfs_cipher=%s,ecryptfs_key_bytes=%d",
+		 "ecryptfs_check_dev_ruid,ecryptfs_sig=%s,ecryptfs_cipher=%s,ecryptfs_key_bytes=%d",
 		 sig, KEY_CIPHER, KEY_BYTES) < 0) ||
 		 opt == NULL) {
 			perror("asprintf (opt)");
openSUSE Build Service is sponsored by
Places