Products Openwall GNU/*/Linux   server OS John the Ripper   password cracker Free & Open Source for any platform Pro for Linux (RPM package) Pro for Mac OS X (dmg package) Wordlists   for password cracking passwdqc   policy enforcement phpass   password hashing in PHP crypt_blowfish   ditto in C/C++ tcb   better password shadowing Pluggable Authentication Modules scanlogd   port scan detector popa3d   tiny POP3 daemon blists   web interface to mailing lists msulogin   single user mode login Services Publications Articles Presentations Community Mailing lists Community wiki Donations Resources Source code repository (CVSweb) File archive & mirrors How to verify digital signatures Password recovery resources Recommended books What's new

Date: Thu, 31 Mar 2011 12:55:47 -0500
From: "Patrick J. Volkerding" <security@...ckware.com>
To: oss-security@...ts.openwall.com
Subject: Re: Suid mount helpers fail to anticipate RLIMIT_FSIZE

On 03/31/2011 08:43 AM, Dan Rosenberg wrote:
> I'd also
> like to see distributions migrating away from /etc/mtab in general,
> since /proc/mounts seems like a much better replacement.

I imagine that mount's -f (fake mount by editing mtab) and -n (mount 
without editing mtab) options are not going to work if /etc/mtab becomes 
a symbolic link to /proc/mounts, so that's liable to break a few things. 
  In the long run it does seem like a good plan, but there might be a 
few bumps in the road.  I wonder what the rationale was for faking mtab 
mounts in the first place?

Powered by blists - more mailing lists

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ