> > Hi, > > Are there some critical programs that use the getmntent(3C) sets of functions? > > I ask that because under Solaris 2.4, the /etc/mnttab is like this (666): > % ll /etc/mnttab > -rw-rw-rw- 1 root root 409 Jan 6 13:25 /etc/mnttab Ours is mode 644. It has to be readable for things like df to work. Only root needs to be able to write to the file, when mounting file systems, changeing quota, and such. Note, that atleast on our system, quotaon sets the mode to 600 and this break the df command (and quota -v for the user if memory serves) Anyways, 644 should make all the user commands happy, without letting people muck up the file on you. > > The man says: > The file mnttab resides in /etc and contains information > about devices that are currently mounted. mnttab is read by > programs using the routines described in getmntent(3C). > > So if there is any critical program using this file, it can be subverted. > rite? > > Phil. > -- > > Philippe Langlois -- Net & Unix Admin @ World Net, Paris, France. < > > Email: phil@worldnet.sct.fr "after all, we're all alike!" < > > Internet Access at high speed in France? --Sure, but with us! < > -- Davide Gaetano sysdfg@gsusgi1.gsu.edu