pass device names to the helper
paths are somewhat trivial to exploit. instead resolve them to the actual block device names under /dev/ and pass that into the privileged helper. the helper then only needs to verify that $name is in fact a block device under /dev/. since unprivileged processes cannot create files in /dev/ directly, let alone block devices, this should give us a very reliable way of preventing abuse.
Showing with 64 additions and 15 deletions