Re: Security hole in linux-2.0.31-pre9 (NFS related)

Hubert Mantel (mantel@suse.de)
Tue, 7 Oct 1997 19:50:07 +0200 (MEST)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Harald Koenig: "ldconfig bug ?"
Previous message: Cristian Candet: "Re: Another one?"

Hi,

On Tue, 7 Oct 1997, Pavel Machek wrote:

> > The file is on a NFS-mounted filesystem with root_squash, so root cannot
> > read the file:
> >
> > Mandelbrot:/home/alex/mantel/Kernel # cat test
> > cat: test: I/O error
> > Mandelbrot:/home/alex/mantel/Kernel # cat test
> > cat: test: Permission denied
> >
> > Now, after the owner has read the file on the same machine, it is readable
> > by root afterwards:
> >
> > Mandelbrot:/home/alex/mantel/Kernel # cat test
> > blabla
>
> This _has_ to be this way. Imagine root su-ing to given user (he can
> do that). Nono. You'll need all-squash.

You're right. This bug doesn't open any new security hole. So it's simply
ugly ;-)

> Pavel

Hubert

Next message: Harald Koenig: "ldconfig bug ?"
Previous message: Cristian Candet: "Re: Another one?"