[38976] in bugtraq
davfs2 does not honour Unix permissions
daemon@ATHENA.MIT.EDU (martin f krafft)
Wed May 25 17:06:54 2005
Date: Wed, 25 May 2005 22:09:40 +0200
From: martin f krafft <madduck@madduck.net>
To: full-disclosure people <full-disclosure@lists.netsys.com>,
bugtraq <bugtraq@securityfocus.com>
Message-ID: <20050525200940.GA12333@cirrus.madduck.net>
Mail-Followup-To: full-disclosure people <full-disclosure@lists.netsys.com>,
bugtraq <bugtraq@securityfocus.com>
Mime-Version: 1.0
Content-Type: multipart/signed; micalg=pgp-sha1;
protocol="application/pgp-signature"; boundary="cNdxnHkX5QqsyA0e"
Content-Disposition: inline
--cNdxnHkX5QqsyA0e
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
davfs2 is a user-space tool to mount DAV resources into the Unix
directory tree, using the Coda kernel filesystem as a backplane.
Unfortunately, Andrew Pimlott discovered that such a mounted
filesystem does not honour the Unix permissions that stat()
presents. Details are here:
http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=3D310757
If anyone knows how to fix this, please get in touch with me. Given
the impending Debian release, this is an urgent matter as davfs2
will have to be removed from Debian stable if no fix could be found
by Friday.
Cheers,
--=20
martin; (greetings from the heart of the sun.)
\____ echo mailto: !#^."<*>"|tr "<*> mailto:" net@madduck
=20
invalid/expired pgp subkeys? use subkeys.pgp.net as keyserver!
spamtraps: madduck.bogus@madduck.net
=20
why didn't noah swat those two mosquitoes?
--cNdxnHkX5QqsyA0e
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.1 (GNU/Linux)
iD8DBQFClNuEIgvIgzMMSnURArrFAKC9OBkYZFNMxjIykgzpuZXlLtL0KgCdGBbM
Jnu71kLARGWS7TC7XgiVH/8=
=nih7
-----END PGP SIGNATURE-----
--cNdxnHkX5QqsyA0e--
