Date: Sun, 23 Jul 2000 19:14:10 -0600 (MDT) From: Paul Hart <hart@iserver.com> To: "Thomas R. Stromberg" <tstromberg@rtci.com> Cc: freebsd-security@FreeBSD.ORG Subject: Re: Status of FreeBSD security work? Audit, regression and crypto swap? Message-ID: <Pine.BSF.4.21.0007231906050.32554-100000@anchovy.orem.iserver.com> In-Reply-To: <39788D89.56359DCA@rtci.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Fri, 21 Jul 2000, Thomas R. Stromberg wrote: > Ive also messed around with storing my home directory in cfs, until I > forgot its password :( One other bad thing about using CFS for a home directory is the fact that cdetach cannot make distinctions about whether it is the owner of the CFS mount who is detaching it. As long as you know the name of the mount you can detach mounts belonging to other people. Since your home directory needs to be a fixed (and well-known) path name, you can become vulnerable to a lame variety of denial-of-service attack against your account. Paul Hart -- Paul Robert Hart ><8> ><8> ><8> Verio Web Hosting, Inc. hart@iserver.com ><8> ><8> ><8> http://www.iserver.com/ To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-security" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0007231906050.32554-100000>