From owner-freebsd-security Fri May 17 07:51:01 1996 Return-Path: owner-security Received: (from root@localhost) by freefall.freebsd.org (8.7.3/8.7.3) id HAA21914 for security-outgoing; Fri, 17 May 1996 07:51:01 -0700 (PDT) Received: from halloran-eldar.lcs.mit.edu (halloran-eldar.lcs.mit.edu [18.26.0.159]) by freefall.freebsd.org (8.7.3/8.7.3) with SMTP id HAA21907 for ; Fri, 17 May 1996 07:50:58 -0700 (PDT) Received: by halloran-eldar.lcs.mit.edu; (5.65/1.1.8.2/19Aug95-0530PM) id AA04803; Fri, 17 May 1996 10:50:50 -0400 Date: Fri, 17 May 1996 10:50:50 -0400 From: Garrett Wollman Message-Id: <9605171450.AA04803@halloran-eldar.lcs.mit.edu> To: "Jordan K. Hubbard" Cc: freebsd-security@freebsd.org Subject: Re: very bad In-Reply-To: <13642.832322039@time.cdrom.com> References: <13642.832322039@time.cdrom.com> Sender: owner-security@freebsd.org X-Loop: FreeBSD.org Precedence: bulk < said: >> Too bad it's already on BUGTRAQ and BoS which is way more than 1000 :-( > Ah well, what's done is done. >> of such an address. The prepared fix is chmod u-s /sbin/mount_union. > It should at least return EPERM! :-) No. Users are /supposed/ to be able to use mount(2) now, if they have appropriate permissions on the source and target. This appears to be a hole in vfsload(3), which I will fix ASAP, if someone doesn't get to it before I do. -GAWollman -- Garrett A. Wollman | Shashish is simple, it's discreet, it's brief. ... wollman@lcs.mit.edu | Shashish is the bonding of hearts in spite of distance. Opinions not those of| It is a bond more powerful than absence. We like people MIT, LCS, ANA, or NSA| who like Shashish. - Claude McKenzie + Florent Vollant