 |
 |
A note on best-of-security reports a problem with mount and umount on `all current distributions of Linux': a local unprivileged user can execute arbitrary commands as super-user, by taking advantage of a buffer overflow bug (similar to the hoary old fingerd problem). The recommended workaround is to remove the set-userid bit from the permissions of /bin/mount and /bin/umount.