tech-security: Re: NetBSD Security Advisory 2000-001

Subject: Re: NetBSD Security Advisory 2000-001
To: Manuel Bouyer <bouyer@antioche.lip6.fr>
From: Hubert Feyrer <feyrer@rfhs8012.fh-regensburg.de>
List: tech-security
Date: 02/15/2000 23:46:57

  by redmail.netbsd.org with SMTP; 15 Feb 2000 22:47:01 -0000
	by rfhs8012.fh-regensburg.de (8.9.3/8.9.3) with ESMTP id XAA28914;
	Tue, 15 Feb 2000 23:46:40 +0100 (MET)
Date: Tue, 15 Feb 2000 23:46:57 +0100 (MET)
From: Hubert Feyrer <feyrer@rfhs8012.fh-regensburg.de>
Reply-To: hubert.feyrer@informatik.fh-regensburg.de
To: Manuel Bouyer <bouyer@antioche.lip6.fr>
cc: Chris Jones <chris@cjones.org>, tech-security@netbsd.org
Subject: Re: NetBSD Security Advisory 2000-001
In-Reply-To: <20000215230900.A6739@antioche.lip6.fr>
Message-ID: <Pine.GSO.4.10.10002152345400.12675-100000@rfhpc8320.fh-regensburg.de>
MIME-Version: 1.0
Content-Type: TEXT/PLAIN; charset=US-ASCII

On Tue, 15 Feb 2000, Manuel Bouyer wrote:
> > What about user mounts of procfs filesystems?
> Are regular users really allowed to mount procfs ???

miyu% cd /tmp
miyu% mkdir xxx
miyu% mount -t procfs bla /tmp/xxx
miyu% ls /tmp/xxx
0       221     252     341     366     377     387     446     494
1       222     284     342     369     378     388     462     495
...

This is on 1.4.2_ALPHA (which, I think the SA should have noted, is not
vulnerable).


 - Hubert

-- 
NetBSD - Better for your uptime than Viagra