Hello, It would be pretty helpful, if someone could give me some comments about this one: <http://git.kernel.org/?p=utils/util-linux-ng/util-linux-ng.git;a=commit;h=ebbeb2c7ac1b00b6083905957837a271e80b187e> I don't request an exploit, but it would be nice to know if this is a critical one, which has to be patched. As there seems to be no new version of util-linux, maybe there is no need to patch immediately, but maybe I'm wrong. Could someone please answer the following with Yes or No: - Is it really possible to confuse the code, just because of the wrong order of setgid and setuid? - If someone manages to keep root privileges at this point, then he would be able to call the helper with root privileges and so, for example, overmount /sbin with any NFS server, he wants, right? Thank you very much in advance Yours Manuel -- Psssst! Schon vom neuen GMX MultiMessenger gehört? Der kann`s mit allen: http://www.gmx.net/de/go/multimessenger?did=10 - To unsubscribe from this list: send the line "unsubscribe util-linux-ng" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
