> hmm, on Sun, Jul 25, 2010 at 01:08:45PM -0600, Theo de Raadt said that
> > > >
> > > >
> > > 
> > > That's no excuse. The point here is that any unprivileged user can hang 
> > > the system at will.
> > 
> > I don't see an unprivileged user.
> > 
> > I see root performing the mount, since only root can perform mounts
> > (unless a sysctl is activated, which no one uses).
> 
> I sent the example as root, but I happen to use that sysctl.

So it is root.

> I haven't tested this as an unprivileged user though.

Tough.  If you enable that sysctl, it is your own responsibility. 

> I think it doesn't matter what the user is, this shouldn't
> be happening.

We make the source code available, and yet no one here has even sat down
for 30 seconds and gone and checked the kernel msdos mount code and realized
that it has almost nothing it can validate a filesystem on.

It saw that space of disk, validated it as msdos, and mounted it.

This is not ffs.  When you do stuff like that, we are not your nanny.
