This is the mail archive of the
mailing list for the Cygwin project.
Re: Fixing a security hole in mount table.
Christopher Faylor wrote:
I wonder if it is time to bite the bullet and get rid of user-mode
mounts entirely. Or maybe disallow them in suid'ed sessions? They
are always going to be a security hole AFAICT.
I think that would be a bad idea. What if I want to install a private
version of cygwin on a machine to which I don't have Admin access?
(ITFascists can shut up right now; I'm not listening..."You vill use de
Microsoft Application Suite ve haf provided, and nuzzing else!")