On Tue, Sep 09, 2003 at 12:12:11AM -0400, Pierre A. Humblet wrote:
>At 09:11 PM 9/8/2003 -0400, you wrote:
>>On Mon, Sep 08, 2003 at 08:46:06PM -0400, Pierre A. Humblet wrote:
>>>This is the first in a series of patches fixing security holes
>>>associated with the file mappings in the core of Cygwin.
>>>I hope the explanations below are clear!
>>
>>Yes they are, thanks. I can't comment on the security stuff but
>>everything else looks good to me. I'll let Corinna have the final say
>>on this.
>>
>>I wonder if it is time to bite the bullet and get rid of user-mode
>>mounts entirely. Or maybe disallow them in suid'ed sessions? They are
>>always going to be a security hole AFAICT.
>
>Yep, the same thought has crossed my mind. However I now believe that
>with the patch the user mounts do not pose a security issue.

I can't see how a feature which allows any user to redefine what /etc or
/ is could not be a security issue.

cgf