Vulnerability Development mailing list archives
Re: volcheck and sol 8
From: dim () XS4ALL NL (Dimitry Andric)
Date: Thu, 20 Jul 2000 21:59:57 +0200
-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA1 On 2000-07-18 at 13:35 Matthew Potter wrote:
So what happens if I make my own CD with a little shell script which calls a prebuilt binary with a setuid and setgid 0 , then system("/bin/sh").... or what ever i want. THis is DEFAULT behavior. I am sure you would disable it from running in vold.conf.
Of course, CD's should always be mounted nosuid, nodev, and maybe even noexec if you are really paranoid. Note that these are Linux/BSD options, I sincerely hope that Solaris has these too... ;-) Cheers, - -- Dimitry Andric <dim () xs4all nl> PGP key: http://www.xs4all.nl/~dim/dim.asc KeyID: 4096/1024-0x2E2096A3 Fingerprint: 7AB4 62D2 CE35 FC6D 4239 4FCD B05E A30A 2E20 96A3 -----BEGIN PGP SIGNATURE----- Version: Encrypted with PGP Plugin for Calypso Comment: http://www.gn.apc.org/duncan/stoa_cover.htm iQA/AwUBOXdMLbBeowouIJajEQI7PQCghPme52ScT0JIcFezpPC25HTgG/gAn23U c7E/ThijSvz+wrDXUiKel1yJ =rgwY -----END PGP SIGNATURE-----
Current thread:
- Re: volcheck and sol 8 Dimitry Andric (Jul 20)
- <Possible follow-ups>
- Re: volcheck and sol 8 Michel Arboi (Jul 20)
- Re: volcheck and sol 8 Matthew Potter (Jul 20)
- Re: volcheck and sol 8 Marius Banica (Jul 20)
- Re: volcheck and sol 8 Jeffrey Karpenko (Jul 21)
- Re: volcheck and sol 8 Havens, Peter (Jul 21)
- Re: volcheck and sol 8 Michel Arboi (Jul 21)
- Re: volcheck and sol 8 Sarel J. Botha (Jul 23)
- Re: volcheck and sol 8 Brian Scanlan (Jul 24)