[5880] in bugtraq
Re: AIX 4.x Mount
daemon@ATHENA.MIT.EDU (Troy A. Bollinger)
Mon Dec 29 03:45:10 1997
Date: Mon, 29 Dec 1997 00:48:45 -0600
Reply-To: "Troy A. Bollinger" <troy@AUSTIN.IBM.COM>
From: "Troy A. Bollinger" <troy@AUSTIN.IBM.COM>
X-To: ryan@PHAEDO.COM
To: BUGTRAQ@NETSPACE.ORG
In-Reply-To: <Pine.LNX.3.96.971228221913.31853B-100000@camus.phaedo.com> from
"S. Ryan Quick" at "Dec 28, 97 10:26:17 pm"
-----BEGIN PGP SIGNED MESSAGE-----
S. Ryan Quick wrote:
> My apologies if this is known already . . . however, I've seen nothing about
> it and it does concern me. I have verified a problem with mount on AIX 4.1.3,
> 4.1.4, 4.2.0, and 4.2.1 which allows a normal user to mount any filesystem
> (including those already mounted by the system) on top of any writable
> space.
>
This has been fixed in the gold release of AIX 4.3.0. To my knowledge,
there are no current plans to backport this fix.
> I have notified IBM of the problem . . . they have yet to respond.
>
Feel free to contact me with the PMR number and I'll make sure you get
an official response.
Thanks.
- --
Troy Bollinger troy@austin.ibm.com
AIX Security Development security-alert@austin.ibm.com
PGP keyid: 1024/0xB7783129 Troy's opinions are not IBM policy
-----BEGIN PGP SIGNATURE-----
Version: PGP for Personal Privacy 5.0
Charset: noconv
iQCVAwUBNKdHqMjqvEm3eDEpAQEF9wQAlX/1d+c66dZk9CqESFC6y78Zf0mssXTP
huNGPuCrcK2SLr0n3GveybVlvnh0wZYZRfun+ZuLtNLy2HWIYak/1g17X8GgEhqh
vYO8qbWx0jP+Hi2Njhg1mDqBofCkw+539Xdap4IDDVfg6YlRlYSGtCCMWwGPCzlu
PE5DMoL2/vY=
=7HwX
-----END PGP SIGNATURE-----
