Fixing a security hole in mount table.

Charles Wilson cygwin@cwilson.fastmail.fm
Tue Sep 9 03:38:00 GMT 2003


Christopher Faylor wrote:

> I wonder if it is time to bite the bullet and get rid of user-mode
> mounts entirely.  Or maybe disallow them in suid'ed sessions?  They
> are always going to be a security hole AFAICT.

I think that would be a bad idea.  What if I want to install a private 
version of cygwin on a machine to which I don't have Admin access? 
(ITFascists can shut up right now; I'm not listening..."You vill use de 
Microsoft Application Suite ve haf provided, and nuzzing else!")

--
Chuck





More information about the Cygwin-patches mailing list