On Mon, 10 Nov 2003 17:46:51 -0800, Spider muttered: <snip> > if you however allow me to mount > /tmp/my.iso /mnt/loop iso9660 loop,user 0 0 > > and then allow me to mount that, and I can replace my.iso, its enough to > have software access to my.iso to be able to crack your machine, and do > it quite well.
How'd that work? I don't see how being able to mount an arbitrary ISO would translate into a security risk, unless: a security-related program reads from /mnt/loop, in which case the use of a disk image doesn't directly cause problems -- it's the fact that the program uses an untrustable file as a data source. A buggy filesystem could also possibly cause errors, but only if there exist serious kernel errors that don't detect corrupt file systems. > as for "user" disabling "suid" that isn't the case, you can have both > "user" and "suid" on the same mountpoint. Yes, but user implicitly sets nosuid, and that's how it _should_ be used. -- Andrew Farmer [EMAIL PROTECTED]
pgp00000.pgp
Description: PGP signature
