Thanks for the quick reaction. At first I didn't think of it as a security issue, but after submitting I realized that, since it ignores the read-only request without any notification, a sysadmin (or a script) may think that the filesystem is mounted read-only when in fact it is not, leaving the mounted filesystem unprotected against an attacker's writes.
- Bug#980828: `mount` succeeds without honouring `-r` fla... Pedro Gimeno
- Bug#980828: `mount` succeeds without honouring `-r... Chris Hofstaedtler
- Bug#980828: marked as pending in util-linux Pedro Gimeno
