https://bugzilla.novell.com/show_bug.cgi?id=463524
User mc@novell.com added comment
https://bugzilla.novell.com/show_bug.cgi?id=463524#c1
Michael Calmer changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|NEW |RESOLVED
Resolution| |INVALID
--- Comment #1 from Michael Calmer 2009-01-10 08:43:25 MST ---
If I remember correctly, we had a security fix for pam_mount (11.0) because of
these ignored options.
Thank you for testing, that this is working.
You can simply define what options are allowed and what options should be
denied and what options are required. But you must do this in
/etc/security/pam_mount.conf.xml
Normal user can only use, what the admin allow to use.
########### from /etc/security/pam_mount.conf.xml #############
<mntoptions
allow="nosuid,nodev,loop,encryption,fsck,nonempty,allow_root,allow_other"/>
<!--
<mntoptions deny="suid,dev" />
<mntoptions allow="*" />
<mntoptions deny="*" />
-->
<mntoptions require="nosuid,nodev"/>
################################################################
closing as "invalid" because this is a missconfiguration.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.