Hi, While mounting a CD-ROM from some magazine I have found a bug in linux kernel or mount program. My /etc/fstab contains: /dev/cdrom /mnt/cdrom iso9660 user,noauto,ro,noexec,check=relaxed 0 0 /dev/cdrom is: brw-r--r-- 1 root root 22, 0 cze 1 1998 /dev/cdrom /mnt/cdrom is: drwxr-xr-x 2 root root 1024 gru 29 1997 /mnt/cdrom When mounting cdrom as normal user: [jacek@koniu jacek]$mount -v /mnt/cdrom /dev/cdrom on /mnt/cdrom type iso9660 (ro,noexec,nosuid,nodev,check=relaxed) But: [jacek@koniu jacek]$ls -l /mnt/cdrom/index.htm -r-xr-xr-x 1 root root 869 lis 15 1997 /mnt/cdrom/index.htm As you can see the file (and all other files on the CD) have all execute bit set, although filesystem is mounted by user and with "noexec". I am not sure what type of filesystem it is, probably some kind of Joliet, but this means that one can prepare a CDROM so it can start programs from it even on system he isn't supposed to do so. [jacek@koniu jacek]$uname -r 2.2.5 [jacek@koniu jacek]$rpm -q mount mount-2.7l-3 Greets, Jacek -- +---------+--------------------------------------------------------+ ! , ! Jacek Konieczny, Gliwice, Poland ! ! Jajcus ! email: jajcusat_private, jacekat_private ! ! ! ICQ# 7149127 WWW: none (yet) ! +---------+--------------------------------------powered-by-Linux--+
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:43:12 PDT