-----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 So, as this seems to be around for a bit longer I thing mentioning the workarounds would be helpful:
- - Make sure user_allow_other is not set in /etc/fuse.conf - - Remove the SUID bit from /usr/lib/pt_chown This is mostly inferred from [1]. Does this work? When does this not work? Any comment? [1] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2207 cu AW - -- [...] If you don't want to be restricted, don't agree to it. If you are coerced, comply as much as you must to protect yourself, just don't support it. Noone can free you but yourself. (crag, on Debian Planet) Arne Wichmann (a...@linux.de) -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJVBs5EAAoJEENYfBy4DUs+5vgP/07qI3cTAKOeTbPH5BcBS+XB fNJFmOtTUdXaC9FW0YMAf/kLDtCeI5WXypY0gERyaoh4OaIdEhiWQ1nEIcBD/C0T Z09s0D1L/1lypK3sCz+PO34IlFHmkRNTwlF0TLsYE/8oGAIQgWLEfj9Zxg1szr96 FX+QaM4+IVl9ZYMzrsq8uGZil24X5rkSyBItG+Av+4KqkelD/5wDT91f+YNhWAIN j5zXGzTMPPNpYl1Owux2wltPc1Yd90ZUdn0ZSR8nFPfarlx00TvB4Y7pc3EA1cPi dS8KWzqueswbleilhyMSjpq505rcbBTsMKl45cY4cKa6n7WVn/ruLLU4AfgZ1mB5 EkeYBp+v1BmXP0FtLIbOnTKQD21mVaXIAN7HCsvw8NFJaTf+fQm2FXzbp5MVi/vo MZnyzXIUFxmhgr/CJf1ICviFdIawm7ISGdqdf9yjVgLBbPC1Cl5Kdd9G2wCEx4U1 wJhrGDmpVzU+r+nsNUswyAO9aCLkmGfLHx27s0OX5VjzLo18YW/nSmI9t/MC8/g1 xc+BV9QR2LXewxfT46THQwidCT0yFveFd1N2yBSugEKT1yrvx3+61p/Ox+i+DGUn TCANbn818IEm4H9Nji42n2uOTyYS0vR6aWVbnCeAsTijrky1oBCNAmiGbWd30fBO p87pLEBhfA+Tf8daTnDP =TtDT -----END PGP SIGNATURE----- -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
