Security: ``Linux-Mandrake'', a new innovative Linux-distribution available

Security: ``Linux-Mandrake'', a new innovative Linux-distribution available

Post by Frank Sweetse » Fri, 31 Jul 1998 04:00:00

> >     crying :-) Now, just click on the cd-rom icon (on your desktop)
> >     to mount and use it (it's the same for floppy disks). This is
> >     very simple and you do not need to be a privileged user for that !

> Ouch.  This is a * security hole.  There's nothing to stop
> somebody from putting a setuid program on a CD or floppy and then
> mounting it, you know.

hm... if this app works via being setuid, and doesn't mount it
nosuid,nogid,nodev then the author deserves a severe beating.  or, if it
depends on fstab entries with user specified, then it should also have
nosuid,nogid,nodev specified as well.

Frank Sweetser rasmusin at fsweetser at | PGP key available RedHat 5.1 kernel 2.1.111p1  i586  | at public servers
[ ] CPU is too slow to handle full bandwidth (NEW)
        from linux 2.1.77 make menuconfig, networking section


1. New 'Developer's Distribution'

Anyone and everyone interested in creating a new distribution of Linux,
aimed specifically at developers, please contact me at

scripts and distribution-specific programs, as well as contributing some
ideas for what developers want out of Linux.  If you have anything at all
to offer, please send me mail.

 Robert S. Liesenfeld          <>< | Mail/News/UUCP Administrator | Network Engineer | Die-hard Linux Addict ;)
 "Fnord."                          | Bitstream Underground, Mpls, MN

2. syncppp with isdn4linux and dynamic ip-assignment????

3. Balmer on Linux - "It's not innovative"

4. Can I read kmail files in any Windows mailer?

5. Let's Capitalise on Titanic: Name a new Linux Distribution

6. Printing, but /lp0 /lp1 no such device!

7. Can't login into Linux Mandrake with new user account...

8. Help: xconfig

9. 'Split kernel' linux on Sun's new Workstation


11. New port of NetBSD's ash for Linux available

12. The rise of the $99 'consumer' Linux distribution

13. O'Reilly SSH authors have new Linux security book (COMMERCIAL)