Re: SECURITY PROBLEM: autofs [all versions]

To: Alexander Hvostov <vulture@aoi.dyndns.org>
Cc: debian-security@lists.debian.org
Subject: Re: SECURITY PROBLEM: autofs [all versions]
From: Wichert Akkerman <wichert@cistron.nl>
Date: Mon, 3 Jul 2000 23:12:58 +0200
Message-id: <[🔎] 20000703231258.A738@cistron.nl>
Mail-followup-to: Alexander Hvostov <vulture@aoi.dyndns.org>, debian-security@lists.debian.org
In-reply-to: <[🔎] Pine.LNX.4.21.0007031230040.2297-100000@cornerstone.core.aoi>; from vulture@aoi.dyndns.org on Mon, Jul 03, 2000 at 12:30:11PM -0700
References: <[🔎] 20000703203637.A19150@cistron.nl> <[🔎] Pine.LNX.4.21.0007031230040.2297-100000@cornerstone.core.aoi>

Previously Alexander Hvostov wrote:
> So is root's password. ;)

Yes, but if it is enabled all users can use sysrq to kill a lock.
Also please realize using a root password to unlock a lock is dangerous,
since you never know if you are dealing with the real lock program
or a fake.

Wichert.

-- 
  _________________________________________________________________
 / Generally uninteresting signature - ignore at your convenience  \
| wichert@wiggy.net                   http://www.liacs.nl/~wichert/ |
| 1024D/2FA3BC2D 576E 100B 518D 2F16 36B0  2805 3CB8 9250 2FA3 BC2D |

Attachment: pgpFqXHdpkXbp.pgp
Description: PGP signature

Reply to:

Follow-Ups:
- Sheesh .. talk about beating a dead horse (autofs)
  - From: Martin Bogomolni <martinb@andover.net>

References:
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: Wichert Akkerman <wichert@cistron.nl>
- Re: SECURITY PROBLEM: autofs [all versions]
  - From: Alexander Hvostov <vulture@aoi.dyndns.org>

Prev by Date: Re: SECURITY PROBLEM: autofs [all versions]
Next by Date: Sheesh .. talk about beating a dead horse (autofs)
Previous by thread: Re: SECURITY PROBLEM: autofs [all versions]
Next by thread: Sheesh .. talk about beating a dead horse (autofs)
Index(es):
- Date
- Thread