AW: Bug#4902: Major security hole in xvmount

To: 4902-done@bugs.debian.org
Cc: ossk@zeus.ph1.Uni-Koeln.DE, meskes@Informatik.RWTH-Aachen.DE, debian-devel@lists.debian.org, bruce@pixar.com
Subject: AW: Bug#4902: Major security hole in xvmount
From: Volker Ossenkopf <ossk@zeus.ph1.Uni-Koeln.DE>
Date: Wed, 19 Mar 1997 11:19:29 +0100
Message-id: <[🔎] 332FBDB1.42AB435D@zeus.ph1.uni-koeln.de>

I have uploaded the corrected package xvmount_3.6-2
to master. Here, the default settings for the
mount permissions are equivalent to 'user' in
normal mounts, i.e. nodev, noexec, and nosuid.
They can be overwritten by root in the configuration
file /etc/xvmounttab. The use of an alternative
configuration file by the environment variable
XVMOUNTPATH is disabled now, so that all security 
holes should be closed.

Best wishes -- Volker

---------------------------------------------------------------------
Volker Ossenkopf    KOSMA (Kölner Observatorium für submm-Astronomie)
Tel.: 0221 4703485                    1. Physikalisches Institut der
Fax.: 0221 4705162                               Universität zu Köln
E-Mail: ossk@zeus.ph1.uni-koeln.de
---------------------------------------------------------------------

Reply to:

Prev by Date: Re: should I be creating /dev/sr[01] devices?
Next by Date: AW: auto bugreport
Previous by thread: AW: Bug#4902: Major security hole in xvmount
Next by thread: subscribe
Index(es):
- Date
- Thread