Date: Tue, 13 Nov 2001 09:31:44 +0100 (CET) From: Christoph Kukulies <kuku@gilberto.physik.rwth-aachen.de> To: freebsd-security@freebsd.org Subject: nosuid, suidperl Message-ID: <200111130831.fAD8Vik70191@gilberto.physik.rwth-aachen.de>
next in thread | raw e-mail | index | archive | help
When mounting a CD or other removable media mounting it noexec,nosuid
should prevent from running suid programs and compromising the system.
The mount(8) manpage says:
nosuid Do not allow set-user-identifier or set-group-identifier
bits to take effect. Note: this option is worthless if a
public available suid or sgid wrapper like suidperl(1) is
installed on your system.
In howfar does this compromise security?
What can one do about it? (having suidperl in the system and having
security)
--
Chris Christoph P. U. Kukulies kuku@gil.physik.rwth-aachen.de
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200111130831.fAD8Vik70191>