[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

AW: Bug#4902: Major security hole in xvmount

I have uploaded the corrected package xvmount_3.6-2
to master. Here, the default settings for the
mount permissions are equivalent to 'user' in
normal mounts, i.e. nodev, noexec, and nosuid.
They can be overwritten by root in the configuration
file /etc/xvmounttab. The use of an alternative
configuration file by the environment variable
XVMOUNTPATH is disabled now, so that all security 
holes should be closed.

Best wishes -- Volker

Volker Ossenkopf    KOSMA (Kölner Observatorium für submm-Astronomie)
Tel.: 0221 4703485                    1. Physikalisches Institut der
Fax.: 0221 4705162                               Universität zu Köln
E-Mail: ossk@zeus.ph1.uni-koeln.de

Reply to: