Bugtraq mailing list archives
Re: [linux-security] Re: Possible bufferoverflow condition in
From: mhjack () tscnet com (Mike Jackson)
Date: Wed, 14 Aug 1996 01:16:20 -0700
On Tue, 13 Aug 1996, Jeff Uphoff wrote:
"MA" == Mike Acar <mike () contract kent edu> writes: MA> Speaking of suid binaries, *why* are /bin/mount and /bin/umount suid? MA> These shouldn't be run by anybody but the superuser. Linux supports the concept of user-mountable filesystems (via the option specification "user" in /etc/fstab), allowing non-root users to mount and unmount e.g. removable media like CD-ROM's and floppies. This functionality is obviously not available unless mount/umount are suid root.
This would be a good canidate for sudo. As any good sysadmin will keep telling you... Disable ALL suid programs that are not necessary for the normal operation of the system. If a user needs to mount filesystems, use sudo to all the operation as root. The same point goes for any other program. Very few programs need to actually be suid root. Most systems are using ppp these days, rather then slip. But how many systems still have dip set suid root?! I'd bet a lot do. Check your systems! Bugs in programs are found every day. Disable what is not needed. If only root mounts on your system, then use mode 700 for that mount command.. Mike Jackson TSCNet
Current thread:
- Re: Possible bufferoverflow condition in lpr, xterm and xload Wolfram Schmidt (Aug 13)
- <Possible follow-ups>
- Re: Possible bufferoverflow condition in lpr, xterm and xload Jeff Uphoff (Aug 13)
- Re: [linux-security] Re: Possible bufferoverflow condition in Mike Jackson (Aug 14)
- Re: [linux-security] Re: Possible bufferoverflow condition in Digital Dreamer (Aug 14)
- Re: [linux-security] Re: Possible bufferoverflow condition in David DeSimone (Aug 14)
- Re: [linux-security] Re: Possible bufferoverflow condition in Vidar Madsen (Aug 15)
- Re: [linux-security] Re: Possible bufferoverflow condition in Shaun Lowry (Aug 16)
- Re: [linux-security] Re: Possible bufferoverflow condition in Mike Jackson (Aug 14)
- The buggy realpath.c Alan Cox (Aug 14)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Nick Andrew (Aug 20)