Yet another Linux on the desktop article
Uncle Jim
jim at jimani.com
Tue Aug 3 04:49:13 CDT 2004
Hi,
On Mon, Aug 02, 2004 at 10:39:25AM -0500, Jason Clinton wrote:
>
> >to take the time to reboot the machine. If I have a floppy with a copy of
> >bash that
> >is owned by root with permissions of 4755 and I come to your machine allI
> >have to do
> >
>
> What about this new-fangled "nosuid" mount option I keep hearing about.
> I mean, surely no one has thought about the security ricks of allowing
> users to mount media before........
I haven't seen it. So I looked and "man mount" said:
nosuid Do not allow set-user-identifier or set-group-identifier
bits to take effect. (This seems safe, but is in fact
rather unsafe if you have suidperl(1) installed.)
It seems that people are thinking about it but they aren't quite "desktop ready"
yet. And it looks like I need to spend a little more time preparing my floppy.
--
Jim
More information about the Kclug
mailing list