In article <9412041739.AA06833@jade.techfak.uni-bielefeld.de>,
Markus Illenseer <markus@TechFak.Uni-Bielefeld.DE> wrote:
> On Dec 4,  1:08pm, Niklas Hallqvist wrote:
> > That's a bug, I think everyone agrees.  On the question of the reason
> > why users should be able to mount filesystems, I think it's good that
> > users are able to mount self-supplied floppies.  Or is that a security
> > problem?  I don't think so.
> 
>  Actually it is a security problem, several trojan horses
> and simple SUID-programs can be made available via floppy.

How? Amiga filesystems don't have a SUID bit, so you can't have a suid
program on one. They don't have device nodes, so you can't introduce
holes that way. As long as adosfs is changed to implement the proper
restrictions on where a filesystem can be mounted by a user, like mdosfs
does, there are no security problems I can see.

-- 
Ty Sarna                 "You know, we live in the age of the superhighway
tsarna@endicor.com        information network thing..." -- Dave Letterman