Re: Why 'mount' utils nees a setuid bit?
- From: hal-usenet@xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx (Hal Murray)
- Date: Thu, 17 Apr 2008 10:59:04 -0500
In article <aec45dd5-0f90-4eaa-b08b-9e692fcd2b76@xxxxxxxxxxxxxxxxxxxxxxxxxxxx>,
xi4oyu <Evil.xi4oyu@xxxxxxxxx> writes:
well , there exists some differents to mount a filesytem if you are a
normal user.
Even if root has added user options in /etc/fstab , user then can
mount the filesytem . But it seems that the setuid program in the
newly mounted FS doesn't a truley setuid program , Even you use ls -
l ,the result like :
[test@localhost mnt]$ ls -l
total 52
-rwsr-sr-x 1 root root 38468 Apr 17 15:47 chmod
drwx------ 2 root root 12288 Apr 17 15:42 lost+found
but the chmod can't turely take efforts on the root's file :p
The OS must be designed to take care of this secure issue.
That's a different issue than why mount needs setuid.
It's reasonably common to ignore setuid on user-mounted
file systems and/or NFS mounted systems. It's a security
issue. setuid would allow anybody who could do a user-mount
to take over the system. (All they would need is a setuid script
that started a shell. Poof, you are root.)
--
These are my opinions, not necessarily my employer's. I hate spam.
.
- References:
- Why 'mount' utils nees a setuid bit?
- From: xi4oyu
- Re: Why 'mount' utils nees a setuid bit?
- From: Ertugrul Söylemez
- Re: Why 'mount' utils nees a setuid bit?
- From: Sylvain Robitaille
- Re: Why 'mount' utils nees a setuid bit?
- From: Ertugrul Söylemez
- Re: Why 'mount' utils nees a setuid bit?
- From: xi4oyu
- Why 'mount' utils nees a setuid bit?
- Prev by Date: Re: Why 'mount' utils nees a setuid bit?
- Next by Date: OpenOffice.org free Office suite for Microsoft Windows, Linux, Solaris, BSD, OpenVMS, OS/2 or IRIX
- Previous by thread: Re: Why 'mount' utils nees a setuid bit?
- Next by thread: Re: Why 'mount' utils nees a setuid bit?
- Index(es):
Relevant Pages
|
|
