Re: SECURITY PROBLEM: autofs [all versions]
heh, it wont even boot on my athlon let alone be stable
tim.
Failure is not an option. It comes bundled with your Microsoft product.
-- Ferenc Mantfeld
On Tue, 4 Jul 2000, Christopher W. Curtis wrote:
> Nathan Paul Simons wrote:
> >
> > Yeah, but a lot of our users like to use these machines remotely
> > because they can rely on them not to be in Windows (unlike our other
> > dual boot clients). We try to keep only stable releases running on
> > our production net machines so that we don't have to hard boot them.
>
> Hrm. Even stable isn't stable on my Athlon. :(
>
> The same applied to my Alpha, but it didn't have a reset button anyway.
> (Turns out to have been a hardware problem.)
>
> > We figure that the usermount option (with appropriate nosuid,
> > nodev, and noexec options) in /etc/fstab are good enough. Confusing to
> > some users at first, but they learn quickly enough.
>
> It's also superior to the autofs option (as you'd see if you follwed my
> thread on the autofs list -- warning, it involves silly statements by
> RMS, terse retorts by hpa, and my usual long-windedness). Luckily, the
> /etc/fstab entry is sane. Autofs makes things easy, but it shouldn't
> distribute security problems. Luckily, only the yp server needs to be
> updated.
>
> Christopher
>
>
> --
> To UNSUBSCRIBE, email to debian-security-request@lists.debian.org
> with a subject of "unsubscribe". Trouble? Contact listmaster@lists.debian.org
>
>
Reply to: