Re: List of bugs that *must* be fixed before releasing Slink
wakkerma@cs.leidenuniv.nl (Wichert Akkerman) wrote on 31.01.99 in <[🔎] 19990131140716.C2824@cs.leidenuniv.nl>:
> Previously Michael Stone wrote:
> > > perl-suid 31904 [B.A.McCauley@BHAM.AC.UK: Secuity hole with pe=
> rl (suidperl) and nosuid mounts on Linux] [13] (Darren Stalder <torin@daft=
.com>> )
> >=20
> > I'm not sure there's much we can do about this one--it's a library (kerne=
> l?)
> > problem. Perhaps a note in the postinst that the 'nosuid' mount option wo=
> n't
> > work, and a suggestion that care be taken with user-mountable media?
>
> What perl-suid should do is check the mountoptions for the filesystem on
> which the script resides and abort if that was mounted with nosuid.
> Should be quite simple actually..
That is more than a little gross.
I'm not convinced that that solution doesn't do more harm than the problem
it is trying to fix.
MfG Kai
Reply to: