> If a non-root user can mount a daemon on a directory, he can somehow > mount something which provides him with an SUID shell. As I said, > I have a third-party package which can be abused in this way. Since > the problem is not the fault of the third party, I am inclined not > to reveal more detail as to what and who. OK -- don't reveal details. And don't bother to mention it here on this 'full disclosure' mailling list. Quentin