-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

> your comments seem contradictory to me. on the one hand you imply
> that there is trust - presumably to collaborate, hence the reason
> you'd want to import a foreign fs and be allowed to do so by the foreign
> fs owner to start - and then you say trust is ridiculous.

There's nothing wrong with importing a remote file system. And you're assuming that you actually need credentials to mount the remote file system.

It is ridiculous to implicitly trust, yes. The mitigation of the threat (in this case) is to disallow "." from your path. If you want to go deeper you can discuss auditing your kernel and the relevant user land source code. So there is a balance between the unknown and the known and that balance is what security is all about. You isolate the problems you can as best you can. Implicitly trusting is just as dangerous as not trusting anything.

D
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.6 (GNU/Linux)

iD8DBQFHJC9syWX0NBMJYAcRAqyKAKCm9gId4hO1oKYMV3Ke6EpTqeNxCQCgvGRl
HXFzFwvt1R7CDX1AjUjzxIg=
=WOs0
-----END PGP SIGNATURE-----
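The mitigation named in the message above (keeping "." out of the search path), sketched as an added example that is not part of the original message. The function names `audit_path` and `clean_path` and the sample value are constructed for illustration. It also flags empty entries (a leading, trailing or doubled colon) and relative entries, since the shell resolves those against the current directory too.

```shell
#!/bin/sh
# Added example: find PATH entries that resolve against the current directory.

# audit_path VALUE: print one line per risky entry; return 1 if any were found.
audit_path() {
    rest="${1}:"        # extra colon so a trailing empty entry is still seen
    index=0
    status=0
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        index=$((index + 1))
        case $entry in
            "")   echo "entry $index: empty (means current directory)"; status=1 ;;
            .|./) echo "entry $index: '$entry' (current directory)"; status=1 ;;
            /*)   ;;    # absolute entry: unaffected by where you cd
            *)    echo "entry $index: '$entry' (relative to cwd)"; status=1 ;;
        esac
    done
    return $status
}

# clean_path VALUE: print VALUE with only its absolute entries kept, in order.
clean_path() {
    rest="${1}:"
    out=""
    while [ -n "$rest" ]; do
        entry=${rest%%:*}
        rest=${rest#*:}
        case $entry in
            /*) out="${out:+$out:}$entry" ;;
        esac
    done
    printf '%s\n' "$out"
}

# Constructed sample value, not taken from any real system.
sample='.:/usr/local/bin::/usr/bin:bin'
audit_path "$sample" || echo "suggested PATH: $(clean_path "$sample")"
```

Running `audit_path "$PATH"` before changing into a directory on an imported file system shows whether a binary placed there could shadow a system command.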
