Package: mount Version: 2.17.2-9 Severity: minor Tags: upstream
Hi, The mount man page documents the nosuid option as follows: "Do not allow set-user-identifier or set-group-identifier bits to take effect. (This seems safe, but is in fact rather unsafe if you have suidperl(1) installed.)" However, this is not quite correct. It disables the use of setuid/setgid executables. However, it does not affect setgid/setuid directories. The documentation might read better as: "Do not allow set-user-identifier or set-group-identifier bits to take effect on executables. (This seems safe, but is in fact rather unsafe if you have suidperl(1) installed.)" -- System Information: Debian Release: 6.0.2 APT prefers stable APT policy: (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 2.6.38-2-amd64 (SMP w/16 CPU cores) Locale: LANG=en_CA.UTF-8, LC_CTYPE=en_CA.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Versions of packages mount depends on: ii libblkid1 2.17.2-9 block device id library ii libc6 2.11.2-10 Embedded GNU C Library: Shared lib ii libselinux1 2.0.96-1 SELinux runtime shared libraries ii libsepol1 2.0.41-1 SELinux library for manipulating b ii libuuid1 2.17.2-9 Universally Unique ID library mount recommends no packages. Versions of packages mount suggests: ii nfs-common 1:1.2.2-4 NFS support files common to client -- no debconf information -- To UNSUBSCRIBE, email to debian-bugs-dist-requ...@lists.debian.org with a subject of "unsubscribe". Trouble? Contact listmas...@lists.debian.org
