On Wed, Jan 18, 2006 at 10:39:21AM -0500, J. Milgram wrote:
> Idle question: do iso9660 filesystems with RR extensions include suid 
> bits? Does "mount" honor them by default? (my working answers so far are 
> "don't know" and "hopefully not")

According to the man page for mkisofs, suid bits are not cleared unless you
use -r when making the image:

If any of the special mode bits are set, clear them, because file locks
are not useful on a read-only file system, and set-id bits are not
desirable for uid 0 or gid 0.

So the answers are probably "yes" and "probably."

> Also, can someone explain this comment in the "mount" man page?
> 
>               nosuid Do not  allow  set-user-identifier  or  set-
>                      group-identifier  bits to take effect. (This
>                      seems safe, but is in fact rather unsafe  if
>                      you have suidperl(1) installed.)

As far as I can tell, this is typical editorializing in the Linux man pages.

My interpretation is that "suidperl used to be horrible, and it still has
the reputation of being horrible, especially under Linux, and the partial
measures that Linux takes to clear out the environment and so on in the
event of loading a s[gu]id binary don't happen when the FS is mounted
nosuid, so suidperl is even worse."

This has not been confirmed by examining the source.

Ben
-- 
Ben Stern             UNIX & Networks Monkey             [EMAIL PROTECTED]
This post does not represent FTI, even if I claim it does.  Neener neener.
UM Linux Users' Group     Electromagnetic Networks      Microbrew Software

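A defender-side check for the question discussed in the thread above, as an added example that is not part of the original post: it flags iso9660/udf mounts whose options lack `nosuid` and lists set-id regular files under a mounted image. The function names, the sample mount table and the choice of filesystem types are assumptions made for illustration.

```python
import os
import stat

# Filesystem types used for optical media images (assumption: extend as needed).
IMAGE_FS_TYPES = {"iso9660", "udf"}

def mounts_honoring_setid(mounts_text, fs_types=IMAGE_FS_TYPES):
    """Return mount points of the given types whose options lack nosuid.

    mounts_text uses the /proc/mounts layout:
    device mountpoint fstype options dump pass
    """
    flagged = []
    for line in mounts_text.splitlines():
        fields = line.split()
        if len(fields) < 4:
            continue  # skip blank or malformed lines
        _dev, mountpoint, fstype, options = fields[:4]
        if fstype in fs_types and "nosuid" not in options.split(","):
            flagged.append(mountpoint)
    return flagged

def setid_bits(mode):
    """Name the set-id bits present in an st_mode value of a regular file."""
    if not stat.S_ISREG(mode):
        return []  # setgid on a directory has a different meaning
    pairs = ((stat.S_ISUID, "setuid"), (stat.S_ISGID, "setgid"))
    return [name for bit, name in pairs if mode & bit]

def find_setid_files(root):
    """Walk a mounted image and list (path, bits, uid, gid) for set-id files."""
    hits = []
    for dirpath, _dirs, files in os.walk(root):
        for name in files:
            path = os.path.join(dirpath, name)
            st = os.lstat(path)  # lstat: do not follow symlinks off the image
            bits = setid_bits(st.st_mode)
            if bits:
                hits.append((path, bits, st.st_uid, st.st_gid))
    return hits

# Constructed sample in /proc/mounts layout (not taken from a real system).
SAMPLE_MOUNTS = """\
/dev/sda1 / ext4 rw,relatime 0 0
/dev/sr0 /media/cdrom iso9660 ro,nosuid,nodev,relatime 0 0
/dev/loop0 /mnt/image iso9660 ro,relatime 0 0
"""

if __name__ == "__main__":
    for mp in mounts_honoring_setid(SAMPLE_MOUNTS):
        print(mp, find_setid_files(mp) if os.path.isdir(mp) else "(not mounted here)")
```

On a live system, pass the contents of `/proc/mounts` instead of the constructed sample.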