>We called Sun today, and obviously they don't give a damn. They refuse to >consider this as a bug, as long as it is possible to correct the problem via >the rmmount.conf file (which is true). Firstly I can only give my applogies for this, and assure everyone on BUGTRAQ that I am looking into this. We at Sun do care about security and we try to react to the information we get on this forum as quickly as possible. However not everyone at Sun is security aware and people do make mistakes. The behaviour is a bug (Bug Ref# 4205437) and it is being fixed. For those people who have a service contract you should be able to call up and register your interest in that bug, it has been escalated to engineering for patch production and temporary fixes are available for those with service contracts. If you have a service contract and have any problems with this particular bug then please contact me directly with the service order number you were given by Sun Enterprise Services. Note that the following workaround is still valid: Append the following to /etc/rmmount.conf mount hsfs -o nosuid mount ufs -o nosuid -- Darren J Moffat
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:07:22 PDT