Bugtraq mailing list archives
why suid mount (was Re: Possible bufferoverflow condition in lpr,
From: reece () taz nceye net (Bryan Reece)
Date: Tue, 13 Aug 1996 14:21:08 -0400
Date: Tue, 13 Aug 1996 09:25:03 -0400 From: Mike Acar <mike () contract kent edu> Speaking of suid binaries, *why* are /bin/mount and /bin/umount suid? These shouldn't be run by anybody but the superuser. They're suid root to allow users to mount/umount removable media. There's a `user' option in fstab that allows normal users to mount/umount the specified filesystem; this is normally used along with nosuid,nodev in an attempt to reduce security risks. -- DZ-015 (Mike Acar) Information Retrieval Ministry of Information
Current thread:
- Re: Vulnrability in all known Linux distributions, (continued)
- Re: Vulnrability in all known Linux distributions Steve Czetty (Aug 13)
- Re: Vulnrability in all known Linux distributions Alan Brown (Aug 13)
- Re: Vulnrability in all known Linux distributions Elliot Lee (Aug 13)
- Re: Vulnrability in all known Linux distributions Alan Cox (Aug 14)
- mount/umount realpath() buffer overflow David J. Meltzer (Aug 13)
- Possible bufferoverflow condition in lpr, xterm and xload bloodmask (Aug 12)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Digital Dreamer (Aug 12)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Casper Dik (Aug 13)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Mike Acar (Aug 13)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Elliot Lee (Aug 13)
- why suid mount (was Re: Possible bufferoverflow condition in lpr, Bryan Reece (Aug 13)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Christopher Masto (Aug 14)
- Re: Possible bufferoverflow condition in lpr, xterm and xload Brian Tao (Aug 15)
- Re: Possible bufferoverflow condition in lpr, xterm and xload *Unknown* (Aug 17)
- Re: libresolv+ bug Theo Van Dinter (Aug 17)
- Re: libresolv+ bug Brian Mitchell (Aug 18)
- Re: libresolv+ bug Jon Lewis (Aug 18)
- Re: libresolv+ bug Alan Cox (Aug 19)
- libresolv Xarthon (Aug 18)
- Re: libresolv Xarthon (Aug 18)
- Re: libresolv+ bug Nelson Murilo (Aug 18)