Subject: Re: normal user can bypass mount 'noexec' flags
To: John Kohl <>
From: Manuel Bouyer <>
List: tech-security
Date: 03/12/1999 13:38:30
On Thu, Mar 11, 1999 at 05:12:36PM -0500, John Kohl wrote:
> Well, you probably want to (in the case of nullfs) consider the flags
> both on the mounted-from directory and mounted-on-top-of directory, I
> think...  if I could copy a binary to a directory, but couldn't execute
> it from there, why should mounting atop it give me execute rights?
> Perhaps by doing this I can launch a trojan attack somehow...

Yes, this is true. The fix I'll propose will do this.

Manuel Bouyer <>