Bug#4902: Major security hole in xvmount

To: submit@bugs.debian.org, 4902@bugs.debian.org, Michael Meskes <meskes@Informatik.RWTH-Aachen.DE>
Subject: Bug#4902: Major security hole in xvmount
From: bruce@pixar.com (Bruce Perens)
Date: Tue, 22 Oct 96 17:24 PDT
Message-id: <[🔎] m0vFr7o-00HygzC@golem.pixar.com>
Reply-to: Bruce Perens <Bruce@Pixar.com>, 4902@bugs.debian.org

I think the package should be withdrawn for now.

If it can be made to _always_ mount with the options "nodev" and "nosuid",
and if it can be a bit nicer about not allowing mounts over /dev, someone's
home directory, etc., it would help.

	Thanks

	Bruce

--
TO UNSUBSCRIBE FROM THIS MAILING LIST: e-mail the word "unsubscribe" to
debian-devel-REQUEST@lists.debian.org . Trouble? e-mail to Bruce@Pixar.com

Reply to:

Prev by Date: kernel patch script AND Re: More Debian v1.2 things...
Next by Date: Re: More Debian v1.2 things...
Previous by thread: Bug#4902: Major security hole in xvmount
Next by thread: Bug#4903: dwww could handle info better
Index(es):
- Date
- Thread