Bug#4902: Major security hole in xvmount
Package: xvmount
Version: 3.6-1
xvmount is a major security hole. The standard installation enables EVERY
user to mount a cdrom or a floppy or a dos partition into the directory
tree. The mountpoint doesn't even have to be owned by the user running
xvmount since the program is suid root.
This is a very bad idea. Just copy bash onto a floppy and make it suid root
on your own machine et voila you'll be root on every machine with xvmount.
And the description says:
Description: xvmount is a small utility for mounting devices by normal
users. It recognizes the following filesystem types: minix,
ext, ext2, msdos, xiafs and iso9660/High Sierra. It has a
simple OpenLook based user interface. It avoids possible
security holes opened by making mount suid root.
I'm sorry, but how can you call this avoiding security holes?
Michael
--
Michael Meskes | _____ ________ __ ____
meskes@informatik.rwth-aachen.de | / ___// ____/ // / / __ \___ __________
meskes@sanet.de | \__ \/ /_ / // /_/ /_/ / _ \/ ___/ ___/
meskes@debian.org | ___/ / __/ /__ __/\__, / __/ / (__ )
Use Debian GNU/Linux! | /____/_/ /_/ /____/\___/_/ /____/
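
As an added example (not part of the original report or of xvmount): a small audit of a /proc/mounts-format table that flags removable-media mounts lacking nosuid, the mount option that makes the kernel ignore setuid bits on the mounted filesystem. The device prefixes, the extra nodev check and the sample table are assumptions made for the illustration.

```python
import re

# Filesystem types the xvmount description lists as mountable by users.
XVMOUNT_FSTYPES = {"minix", "ext", "ext2", "msdos", "xiafs", "iso9660"}
# Assumption: device name prefixes treated as removable media on this host.
REMOVABLE_PREFIXES = ("/dev/fd", "/dev/cdrom", "/dev/sr")


def unescape(field):
    """Decode the octal escapes (\\040 for space, etc.) used in /proc/mounts."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def audit_mounts(mounts_text, prefixes=REMOVABLE_PREFIXES):
    """Return (mountpoint, device, missing_flags) for risky removable mounts."""
    findings = []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip blank or malformed lines
        device, mountpoint = unescape(fields[0]), unescape(fields[1])
        fstype, options = fields[2], set(fields[3].split(","))
        if not device.startswith(prefixes) or fstype not in XVMOUNT_FSTYPES:
            continue
        # Without nosuid the kernel honors setuid bits stored on the media.
        # nodev is an added check: device nodes on the media are a similar risk.
        missing = [flag for flag in ("nosuid", "nodev") if flag not in options]
        if missing:
            findings.append((mountpoint, device, missing))
    return findings


# Constructed sample in /proc/mounts format (not taken from the bug report).
SAMPLE = """\
/dev/hda1 / ext2 rw 0 0
/dev/fd0 /floppy ext2 rw 0 0
/dev/cdrom /cdrom iso9660 ro,nosuid,nodev 0 0
/dev/fd1 /mnt/my\\040disk msdos rw,nosuid 0 0
"""

if __name__ == "__main__":
    for mountpoint, device, missing in audit_mounts(SAMPLE):
        print(f"{device} on {mountpoint}: missing {','.join(missing)}")
```

On a live system the same function can be fed the contents of /proc/mounts instead of the constructed sample.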