Subject: Re: mount_ados
To: None <>
From: Ty Sarna <>
List: amiga
Date: 12/04/1994 19:40:15
In article <>,
Markus Illenseer <markus@TechFak.Uni-Bielefeld.DE> wrote:
> On Dec 4,  1:08pm, Niklas Hallqvist wrote:
> > That's a bug, I think everyone agrees.  On the question of the reason
> > why users should be able to mount filesystems, I think it's good that
> > users are able to mount self-supplied floppies.  Or is that a security
> > problem?  I don't think so.
>  Actually it is a security problem, several trojan horses
> and simple SUID-programs can be made available via floppy.

How? Amiga filesystems don't have a SUID bit, so you can't have a suid
program on one. They don't have device nodes, so you can't introduce
holes that way. As long as adosfs is changed to implement the proper
restrictions on where a filesystem can be mounted by a user, like mdosfs
does, there are no security problems I can see.

Ty Sarna                 "You know, we live in the age of the superhighway        information network thing..." -- Dave Letterman