Vulnerability Development mailing list archives

Re: volcheck and sol 8

From: arboi () BIGFOOT COM (Michel Arboi)
Date: Fri, 21 Jul 2000 17:45:30 +0200

"DA" == Dimitry Andric <dim () XS4ALL NL> writes:


    DA> Of course, CD's should always be mounted nosuid, nodev, and
    DA> maybe even noexec if you are really paranoid.

Is this a real protection?
If you send a malicious script (shell script, Perl scrit,
whatever...), I suspect that _read_ access is enough to run it.

    DA> Note that these
    DA> are Linux/BSD options, I sincerely hope that Solaris has these
    DA> too... ;-)

There is no such thing as an "autorun" horror^W feature in Linux or BSD.

--
mailto:arboi () bigfoot com     http://www.bigfoot.com/~arboi/
GPG Public keys: http://www.bigfoot.com/~arboi/pubkey.txt

Current thread:

Re: volcheck and sol 8 Dimitry Andric (Jul 20)
- <Possible follow-ups>
- Re: volcheck and sol 8 Michel Arboi (Jul 20)
  - Re: volcheck and sol 8 Matthew Potter (Jul 20)
- Re: volcheck and sol 8 Marius Banica (Jul 20)
- Re: volcheck and sol 8 Jeffrey Karpenko (Jul 21)
- Re: volcheck and sol 8 Havens, Peter (Jul 21)
- Re: volcheck and sol 8 Michel Arboi (Jul 21)
  - Re: volcheck and sol 8 Sarel J. Botha (Jul 23)
  - Re: volcheck and sol 8 Brian Scanlan (Jul 24)