Re: suid-perl

To: Chip Salzenberg <chip@perlsupport.com>
Cc: debian-devel@lists.debian.org
Subject: Re: suid-perl
From: Jules Bean <jmlb2@hermes.cam.ac.uk>
Date: Sun, 31 Jan 1999 23:28:54 +0000 (GMT)
Message-id: <[🔎] Pine.SOL.3.95q.990131232833.3831F-100000@red.csi.cam.ac.uk>
In-reply-to: <[🔎] 19990131181620.F16021@perlsupport.com>

On Sun, 31 Jan 1999, Chip Salzenberg wrote:

> According to Jules Bean:
> > On Sun, 31 Jan 1999, Chip Salzenberg wrote:
> > > Every OS has a different set of mount options that may or may not be
> > > relevant to setuid security.  I don't see what 'higher level' would be
> > > useful.
> > 
> > The correct solution to this, surely, is for the mount nosuid to actually
> > strip the suid bits of any files.  So that any calls to stat() on a floppy
> > simply won't see suid bits.
> 
> I can see it both ways.
> 
> Consider that I may wish to mount a filesystem nosuid for the purpose
> of making a tape backup.  Would I want the suid bits turned off in the
> backup image?  I think not.

Why not just mount it somewhere only you can get at it?

Jules

/----------------+-------------------------------+---------------------\
|  Jelibean aka  | jules@jellybean.co.uk         |  6 Evelyn Rd	       |
|  Jules aka     | jules@debian.org              |  Richmond, Surrey   |
|  Julian Bean   | jmlb2@hermes.cam.ac.uk        |  TW9 2TF *UK*       |
+----------------+-------------------------------+---------------------+
|  War doesn't demonstrate who's right... just who's left.             |
|  When privacy is outlawed... only the outlaws have privacy.          |
\----------------------------------------------------------------------/

Reply to:

Follow-Ups:
- Re: suid-perl
  - From: Chip Salzenberg <chip@perlsupport.com>

References:
- Re: suid-perl
  - From: Chip Salzenberg <chip@perlsupport.com>

Prev by Date: Re: suid-perl
Next by Date: Re: Do not pull a package!
Previous by thread: Re: suid-perl
Next by thread: Re: suid-perl
Index(es):
- Date
- Thread