On Wed, Sep 15, 2010 at 03:09:39PM -0400, Robert P. J. Day wrote:
> i'm experimenting with some basic removable media mounting
> exercises for an upcoming class, and i read that, while you can use
> gconf-editor to change some of the mount options in cases like that,
> there is no way to override the mount options of nodev, noexec and
> nosuid. for example, that claim is made here (admittedly for fedora,
> but it appears to be true for centos as well):
>
> http://scrolls.mafgani.net/2007/03/gnome-automount-options/
>
> is there somewhere that one could see and verify that those options
> always hold for mountable filesystems on removable media? thanks.
I'm sure you could look in the source for verification.
But as for *why*: if you could mount removable media with suid executables
or device files, in order to get root access on a system, all you'd need to
do is make a filesystem containing a setuid root shell. Or a world rw
/dev/sda.
--
Matthew Miller mattdm@xxxxxxxxxx <http://mattdm.org/>
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos
