Subject: Re: Mounting as read-write
To: None <port-i386@netbsd.org>
From: Christian Biere <christianbiere@gmx.de>
List: port-i386
Date: 01/27/2004 18:40:06
--4SFOXa2GPu3tIq4H
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Christos Zoulas wrote:
> 1. mounting corrupted filesystems can lead to crashes.
> 2. a user can create a setuid binary on another system and run it on yours
> 3. a user can create a device [such as a raw disk] on his filesystem and
> thus get access to your devices.
=20
> For 2,3 you can use an amd map that mounts nodev,nosuid and for 1, you
> can use the amd mount command to force an fsck. Not very nice but...
Or you can use sudo, if you don't want to use amd.
--=20
Christian
--4SFOXa2GPu3tIq4H
Content-Type: application/pgp-signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (NetBSD)
iD8DBQFAFqJ20KQix3oyIMcRAnOUAJ9iQtVKxLJ+kImO5RHUrFEg/vGr0QCgs9gw
GdIfaCkv9Q8CL2p4nRmp+DE=
=em3b
-----END PGP SIGNATURE-----
--4SFOXa2GPu3tIq4H--