prikaz mount - muze pouzivat i jiny uzivatel?

[Petr Novotny]

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

On 7 Sep 2000, at 9:44, Daniel Fiser wrote:

> nastavte si suid na smbmount a smbumount. Potom to pujde i beznemu
> uzivateli.

To je *extremne* duverivy a nebezpecny napad. Co brani v tom 
okamziku uzivateli, aby pomoci smbmount prekryl adresar /etc 
(nebo treba /etc/pam.d) svou vlastni verzi a stal se ihned rootem?

Je NUTNE zajistit, aby uzivatel (ne-root) smel mountovat jen 
URCENA ZARIZENI a jen do URCENYCH MOUNT-POINTU. Jinak 
dejte vsem roota, a mate to za stejne penize.

-----BEGIN PGP SIGNATURE-----
Version: PGP 6.5.8 -- QDPGP 2.61b
Comment: http://community.wow.net/grt/qdpgp.html

iQA/AwUBObdOu1MwP8g7qbw/EQJu3gCeL42X4HLi+lJNtPWQ3ugb7oTkZHkAn0Mm
Y6gNo/3cC73ZYeS8CzV4ZV2U
=rLTa
-----END PGP SIGNATURE-----
--
Petr Novotny, ANTEK CS
Petr.Novotny na antek.cz
http://www.antek.cz
PGP key ID: 0x3BA9BC3F
-- Don't you know there ain't no devil there's just God when he's drunk.
                                                             [Tom Waits]