Your message dated Tue, 01 Nov 2016 09:48:37 +0000
with message-id <[email protected]>
and subject line Bug#805568: fixed in encfs 1.9.1-1
has caused the Debian Bug report #805568,
regarding encfs --reverse should disallow recursive directory traversal [fixed
upstream]
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
805568: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=805568
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Package: encfs
Version: 1.7.4-2.4+b1
It's possible to mount this filesystem in a descendant of the real
(source) filesystem. For instance, one could do this:
encfs --reverse / /home/encrypted/rootfs
The mountpoint itself is then also there:
/home/encrypted/rootfs/home/encrypted/rootfs
And accessing that results in a hang:
cat /home/encrypted/rootfs/home/encrypted/rootfs/root/.bashrc
(infinite hang)
This has been fixed upstream in:
https://github.com/vgough/encfs/commit/a461d88cc36a4a56c6e576a59e1f7a60f7dc7cd7
The attached patch is a backport for 1.7.4-2.4.
Cheers,
Walter Doekes
$ lsb_release -a 2>/dev/null
Distributor ID: Debian
Description: Debian GNU/Linux 7.8 (wheezy)
Release: 7.8
Codename: wheezy
Description: Perform checks against descending into own mountpoint.
This patch is the 1.7.4 version of pull request 125 from
https://github.com/vgough/encfs/pull/125 that fixes problems with
recursive directory accesses.
Author: Walter Doekes <[email protected]>
Forwarded: https://github.com/vgough/encfs/pull/125
Applied-Upstream: commit:07fb5b8990e0447be775f7871cea2c5f0d2ec38e,
v1.8.2(?)
Last-Update: 2015-11-19
--- a/encfs/DirNode.cpp
+++ b/encfs/DirNode.cpp
@@ -310,14 +310,9 @@ DirNode::DirNode(EncFS_Context *_ctx,
Lock _lock( mutex );
ctx = _ctx;
- rootDir = sourceDir;
+ rootDir = sourceDir; // .. and fsConfig->opts->mountPoint have trailing slash
fsConfig = _config;
- // make sure rootDir ends in '/', so that we can form a path by appending
- // the rest..
- if( rootDir[ rootDir.length()-1 ] != '/' )
- rootDir.append( 1, '/');
-
naming = fsConfig->nameCoding;
}
@@ -340,6 +335,28 @@ DirNode::rootDirectory()
return string( rootDir, 0, rootDir.length()-1 );
}
+bool
+DirNode::touchesMountpoint( const char *realPath ) const {
+ const string &mountPoint = fsConfig->opts->mountPoint;
+ // compare mountPoint up to the leading slash.
+ // examples:
+ // mountPoint = /home/user/Junk/experiment/
+ // realPath = /home/user/Junk/experiment
+ // realPath = /home/user/Junk/experiment/abc
+ const ssize_t len = mountPoint.length() - 1;
+
+ if (mountPoint.compare(0, len, realPath, len) == 0) {
+ // if next character is a NUL or a slash, then we're referencing our
+ // mount point:
+ // .../experiment => true
+ // .../experiment/... => true
+ // .../experiment2/abc => false
+ return realPath[len] == '\0' || realPath[len] == '/';
+ }
+
+ return false;
+}
+
string
DirNode::cipherPath( const char *plaintextPath )
{
--- a/encfs/DirNode.h
+++ b/encfs/DirNode.h
@@ -97,6 +97,9 @@ public:
// return the path to the root directory
std::string rootDirectory();
+ // recursive lookup check
+ bool touchesMountpoint(const char *realPath) const;
+
// find files
shared_ptr<FileNode> lookupNode( const char *plaintextName,
const char *requestor );
--- a/encfs/FileUtils.h
+++ b/encfs/FileUtils.h
@@ -63,6 +63,7 @@ enum ConfigMode
struct EncFS_Opts
{
std::string rootDir;
+ std::string mountPoint; // where to make filesystem visible
bool createIfNotFound; // create filesystem if not found
bool idleTracking; // turn on idle monitoring of filesystem
bool mountOnDemand; // mounting on-demand
--- a/encfs/encfs.cpp
+++ b/encfs/encfs.cpp
@@ -132,6 +132,14 @@ static int withFileNode( const char *opN
rAssert(fnode != NULL);
rLog(Info, "%s %s", opName, fnode->cipherName());
+
+ // check that we're not recursing into the mount point itself
+ if (FSRoot->touchesMountpoint(fnode->cipherName())) {
+ rInfo("%s error: Tried to touch mountpoint: '%s'",
+ opName, fnode->cipherName());
+ return res; // still -EIO
+ }
+
res = op( fnode.get(), data );
if(res < 0)
--- a/encfs/main.cpp
+++ b/encfs/main.cpp
@@ -79,7 +79,6 @@ using boost::scoped_ptr;
const int MaxFuseArgs = 32;
struct EncFS_Args
{
- string mountPoint; // where to make filesystem visible
bool isDaemon; // true == spawn in background, log to syslog
bool isThreaded; // true == threaded
bool isVerbose; // false == only enable warning/error messages
@@ -348,8 +347,10 @@ bool processArgs(int argc, char *argv[],
// the mount point.
if(optind+2 <= argc)
{
+ // both rootDir and mountPoint are assumed to be slash terminated in the
+ // rest of the code.
out->opts->rootDir = slashTerminate( argv[optind++] );
- out->mountPoint = argv[optind++];
+ out->opts->mountPoint = slashTerminate(argv[optind++]);
} else
{
// no mount point specified
@@ -372,7 +373,7 @@ bool processArgs(int argc, char *argv[],
// sanity check
if(out->isDaemon &&
- (!isAbsolutePath( out->mountPoint.c_str() ) ||
+ (!isAbsolutePath( out->opts->mountPoint.c_str() ) ||
!isAbsolutePath( out->opts->rootDir.c_str() ) )
)
{
@@ -386,7 +387,7 @@ bool processArgs(int argc, char *argv[],
// the raw directory may not be a subdirectory of the mount point.
{
- string testMountPoint = slashTerminate( out->mountPoint );
+ string testMountPoint = out->opts->mountPoint;
string testRootDir =
out->opts->rootDir.substr(0, testMountPoint.length());
@@ -416,15 +417,15 @@ bool processArgs(int argc, char *argv[],
rWarning(_("Unable to locate root directory, aborting."));
return false;
}
- if(!isDirectory( out->mountPoint.c_str() ) &&
- !userAllowMkdir( out->mountPoint.c_str(),0700))
+ if(!isDirectory( out->opts->mountPoint.c_str() ) &&
+ !userAllowMkdir( out->opts->mountPoint.c_str(),0700))
{
rWarning(_("Unable to locate mount point, aborting."));
return false;
}
// fill in mount path for fuse
- out->fuseArgv[1] = out->mountPoint.c_str();
+ out->fuseArgv[1] = out->opts->mountPoint.c_str();
return true;
}
@@ -746,7 +747,7 @@ static bool unmountFS(EncFS_Context *ctx
if( arg->opts->mountOnDemand )
{
rDebug("Detaching filesystem %s due to inactivity",
- arg->mountPoint.c_str());
+ arg->opts->mountPoint.c_str());
ctx->setRoot( shared_ptr<DirNode>() );
return false;
@@ -755,8 +756,8 @@ static bool unmountFS(EncFS_Context *ctx
// Time to unmount!
// xgroup(diag)
rWarning(_("Unmounting filesystem %s due to inactivity"),
- arg->mountPoint.c_str());
- fuse_unmount( arg->mountPoint.c_str() );
+ arg->opts->mountPoint.c_str());
+ fuse_unmount( arg->opts->mountPoint.c_str() );
return true;
}
}
--- End Message ---
--- Begin Message ---
Source: encfs
Source-Version: 1.9.1-1
We believe that the bug you reported is fixed in the latest version of
encfs, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Eduard Bloch <[email protected]> (supplier of updated encfs package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sun, 30 Oct 2016 23:37:46 +0100
Source: encfs
Binary: encfs
Architecture: source amd64
Version: 1.9.1-1
Distribution: experimental
Urgency: low
Maintainer: Eduard Bloch <[email protected]>
Changed-By: Eduard Bloch <[email protected]>
Description:
encfs - encrypted virtual filesystem
Closes: 628238 805568 822102 828293 842287
Changes:
encfs (1.9.1-1) experimental; urgency=low
.
* New upstream release
+ handles recursive directory traversal (closes: #805568)
* watch file update (closes: #842287)
* debian/patches/libssl1.1 -- Experimental SSL 1.1 support from
master branch (closes: #828293)
* Swedish debconf translation by Jonatan Nyberg (closes: #822102)
* Require non-ancient version of mount (closes: #628238)
Checksums-Sha1:
2cb3d7fc254d9b6286632fb72e1578f4d7fb5c6a 1899 encfs_1.9.1-1.dsc
59c595aa64068f79185fb87e4d98ada7e57bbc09 362104 encfs_1.9.1.orig.tar.xz
f7c9f8eae06c869105c24982ab2869ebb0642ce3 24024 encfs_1.9.1-1.debian.tar.xz
71e5a0a320ec6cf33ae836de6ec66e2180e089e9 1574096 encfs-dbgsym_1.9.1-1_amd64.deb
545ed36d98a0d0a646e637ae02295c437d1bec08 379678 encfs_1.9.1-1_amd64.deb
Checksums-Sha256:
ae6e15c2cb2e8f737fc6fce8fd7e8c7ec9b550c5fafbaac1896878a5e3a6a03d 1899
encfs_1.9.1-1.dsc
91034ed73637eafc712b94b92d295ae7f3b45aa5fa026f8455d0a54004ea86d5 362104
encfs_1.9.1.orig.tar.xz
a77492f9aa09906059be29a807e6ffd2edc5dd70b6c649130327587f4c37d129 24024
encfs_1.9.1-1.debian.tar.xz
95bf74f58d38403276aeb3fa150a3540d78ad9e19894f93b650886ce4efe2bc0 1574096
encfs-dbgsym_1.9.1-1_amd64.deb
865fe89bad7312eb0932c4f1126ded8940f36a14bddb945507ed53e63f777f51 379678
encfs_1.9.1-1_amd64.deb
Files:
6429f9e1cfe87eae53260bb4fd1f4fc1 1899 utils optional encfs_1.9.1-1.dsc
4fa13b14b778dd6f1e303d1796cedfc8 362104 utils optional encfs_1.9.1.orig.tar.xz
483e6d799da012a7ddbd56e7322ea326 24024 utils optional
encfs_1.9.1-1.debian.tar.xz
fd31fc1ddcc8cd973318e7c551c668d7 1574096 debug extra
encfs-dbgsym_1.9.1-1_amd64.deb
46aa5b458c9e54a3c670eb5214e92380 379678 utils optional encfs_1.9.1-1_amd64.deb
-----BEGIN PGP SIGNATURE-----
iQIcBAEBCAAGBQJYGGDbAAoJEGl0DlyzX+w8CpEQAJIKUk0lIL/SiiCfucNsisa7
lPjuGYmtx2f8K0rr1/gOqnEUQlnig7Md5VUe/AsWejTUemND6mUT5E54p55WNBOW
wPgXLPhzNBnQVae2T3sTh8UCNUfuDwMgw4pbv5ELLfLOLvJGq+nvMJGXWFNZd4UM
bmU/q5TW2xk1J2C7sHCZc4mhm3QEiECQ3/d6XhN28RtSliyb+/pJ4uFDf5YYy05e
MS1B1leguRbBtnKiztAYGJkOPMG8nMn+/gIzJuDKSr151ZkboD0jgkw00IQSkBxn
3632Qjwf2FpU+hClIfITfGBtujtouvUhkeHOrbrow669sNO/6VcQj1WIKNsFf0Q+
aUKbGWbTD+9S7NYyD5nL/OzTwryVKDu7XN0xHs4Oq6pk9lWy3DBG7fhh5wlA/VRp
9IpTKdANhyFNrC+lFFbjRGj9XtRRXtfXxDaHvv0nSAkqf9dMEkzEkc+XXfH5PC3S
mhw5bpSOCToICiubivJ5z2AXj6jfMfNQ7Zm0DgEunicr0PQFEsFCsugjFYe7IQOm
0AwyynlxEtQ0hBHvx1TVwweJXOkU+oku2hCRLuWh4OiBblKb7BbRj5XF/u1y7fTv
CcL83juftuKiyhZquA/jnyyS5PqMJ3uiiRqDu+7IlblENh0Hi6mw4qs+RRwUUY8x
g/YZMhYqsDMWMRYDT77Q
=gbxf
-----END PGP SIGNATURE-----
--- End Message ---
