This is the mail archive of the
cygwin-patches@cygwin.com
mailing list for the Cygwin project.
RE: Fixing a security hole in mount table.
- From: "Gary R Van Sickle" <tiberius at braemarinc dot com>
- To: <cygwin-patches at cygwin dot com>
- Date: Tue, 9 Sep 2003 10:00:13 -0500
- Subject: RE: Fixing a security hole in mount table.
> Christopher Faylor wrote:
>
> > I wonder if it is time to bite the bullet and get rid of user-mode
> > mounts entirely. Or maybe disallow them in suid'ed sessions? They
> > are always going to be a security hole AFAICT.
>
> I think that would be a bad idea. What if I want to install
> a private
> version of cygwin on a machine to which I don't have Admin access?
> (ITFascists can shut up right now; I'm not listening..."You
> vill use de
> Microsoft Application Suite ve haf provided, and nuzzing else!")
I like to refer to them as "the MIStapo" ;-).
--
Gary R. Van Sickle
Braemar Inc.
11481 Rupp Dr.
Burnsville, MN 55337