[plug] Just started with linux, need help
Beau Kuiper
ekuiperba at cc.curtin.edu.au
Tue Oct 5 02:28:30 WST 1999
On Tue, 05 Oct 1999, you wrote:
> On Tue, 5 Oct 1999, Beau Kuiper wrote:
> > Slackware 4.0 already has mount set uid root, and world executable
> I am almost certain we are talking about a Redhat system.
Ah, tried that, didn't like it, found slackware 4.0, never looked at redhat
again, very happy. Of course I am not starting a distribution flamewar here, so
use whatever distribution you like :)
> > (not a problem because it does its own filtering of requests).
> Harharharharharharhar. You lose.
> Probably the best-known root-hole in recent years was the buffer overflow
> in mount of a few years back. Filtering has no effect, I'm afraid.
Doh! I will now run away and cry :-). Of course, default security on most
distributions has much to be desired. I think all distributions should ship
with very tight security BTW, but for some reason, they continue to ship with
telnet and ftp enabled :(.
> > I assume most other distributions have mount as set uid root.
> Yep, but often it is only executable by a certain group.
Ok, that would be better than world execuable.
Losing the flamewars, going for the record for being on fire the longest.
Beau Kuiper
ekuiperba at cc.curtin.edu.au
> -Greg
More information about the plug
mailing list