From: kf8nh@kf8nh.wariat.org Subject: Re: A warning Date: Sun, 14 Feb 1993 19:40:01 GMT
In article <1ljlsh$t7t@smurf.sub.org> urlichs@smurf.sub.org (Matthias Urlichs) writes:
>NB: Are there any problems with non-root mounts, other than requiring
>writability of the directory and turning off setuid()/setgid() to all
>uids (except the one of the current user of course -- come to think of it,
>the NOSUID flag doesn't seem to be implemented yet -- has anybody done it
>already, or should I just do it?)
You also need to disregard device nodes for non-root mounts. I can think of
a few ways to get root access if you don't --- and the experts can probably
think of lots more. Doesn't some BSD variant have a "nodevs" option to mount?
You also need to make sure the filesystem type to be mounted supports the
options. If it silently accepts them then you aren't safe.
++Brandon