Subject: Re: normal user can bypass mount 'noexec' flags
To: John Kohl <jtk@kolvir.arlington.ma.us>
From: Manuel Bouyer <bouyer@antioche.eu.org>
List: tech-security
Date: 03/12/1999 13:38:30
On Thu, Mar 11, 1999 at 05:12:36PM -0500, John Kohl wrote:
> Well, you probably want to (in the case of nullfs) consider the flags
> both on the mounted-from directory and mounted-on-top-of directory, I
> think...  if I could copy a binary to a directory, but couldn't execute
> it from there, why should mounting atop it give me execute rights?
> Perhaps by doing this I can launch a trojan attack somehow...
> 

Yes, this is true. The fix I'll propose will do this.

--
Manuel Bouyer <bouyer@antioche.eu.org>
--