Re: suid-perl
On Sun, 31 Jan 1999, Chip Salzenberg wrote:
> According to Jules Bean:
> > On Sun, 31 Jan 1999, Chip Salzenberg wrote:
> > > Every OS has a different set of mount options that may or may not be
> > > relevant to setuid security. I don't see what 'higher level' would be
> > > useful.
> >
> > The correct solution to this, surely, is for the mount nosuid to actually
> > strip the suid bits of any files. So that any calls to stat() on a floppy
> > simply won't see suid bits.
>
> I can see it both ways.
>
> Consider that I may wish to mount a filesystem nosuid for the purpose
> of making a tape backup. Would I want the suid bits turned off in the
> backup image? I think not.
Why not just mount it somewhere only you can get at it?
Jules
/----------------+-------------------------------+---------------------\
| Jelibean aka | jules@jellybean.co.uk | 6 Evelyn Rd |
| Jules aka | jules@debian.org | Richmond, Surrey |
| Julian Bean | jmlb2@hermes.cam.ac.uk | TW9 2TF *UK* |
+----------------+-------------------------------+---------------------+
| War doesn't demonstrate who's right... just who's left. |
| When privacy is outlawed... only the outlaws have privacy. |
\----------------------------------------------------------------------/
Reply to: