COMMAND

    rmount

SYSTEMS AFFECTED

    SunOS 5.7

PROBLEM

    Jonas  Stahre  found  following.   The  man-page for rmmount under
    SunOS 5.7 says:

        File systems mounted by rmmount  are always mounted with the
        nosuid  flag  set,  thereby  disabling  set-uid programs and
        access to block or character devices in  that  file  system.

    ...this  is  unfortunately  wrong.   All  you  have  to  do to get
    root-privileges is to  insert a floppy/cdrom  with a setuid  shell
    and a volcheck and an evil grin later you have a root prompt.

SOLUTION

    There is a workaround that  fix the problem, just add  these lines
    to your /etc/rmmount.conf:

        mount floppy* -o nosuid
        mount cdrom* -o nosuid

    (Rumours say that using a  SunOS 5.6 rmmount binary would  fix the
    problem, but this is not tested).  This was tested only on  Ultra5
    with floppies on SunOS 5.7, but  surely it works on all SunOS  5.7
    machines (with floppy and/or cdrom).