home *** CD-ROM | disk | FTP | other *** search
- Date: Wed, 23 Oct 91 15:48:56 EDT
- From: "John R Ruckstuhl Jr" <ruck@alpha.ee.ufl.edu>
- Message-Id: <9110231948.AA04537@alpha.ee.ufl.edu>
- To: sun-managers@eecs.nwu.edu
- Subject: automounter security
-
- I see in an article posted to alt.sys.sun
-
- From: scheller@asdi.saic.com (Mark Scheller x6519)
- Subject: Automount questions
- Message-ID: <3971674@MVB.SAIC.COM>
- Date: 22 Oct 91 14:51:21 GMT
-
- Mark's colleague George has used the auto.master entry suggested by
- Sun's documentation
- #Mount-point Map Mount-options
- /net -hosts
-
- Since I think this may be dangerously common, I call your attention to it.
-
- If one sets up the automounter configuration as suggested in
- System & Network Administration, (I'm reading the manual that
- accompanied our SunOS 4.1 shipment, Part Number 800-3805-10 Revision A
- of 27 March, 1990),
-
- On pg 443 and pg 457 (and something similar on 458)
- A typical auto.master file would contain...
- #Mount-point Map Mount-options
- /net -hosts
-
- Wouldn't suid programs be available to any user from any cooperative
- remote location who was listed in the NIS map hosts.byname?
- It seems dangerous to not use the "nosuid" mount option for the -hosts
- map. But Sun makes no admonishment, and gives dangerous examples (if I
- understand the situation correctly).
-
- An example:
- Suppose "apple" runs automounter with such a mapping, and I am a guest
- user on apple. Further, apple has "orange" in her hosts database.
- If I have root access on "orange", I can create a root-suid program on
- orange, exportfs so that I can get to it from my guest account on apple.
-
- CERT knows about this.
-
- Use "nosuid", as in
- /net -hosts nosuid
- You might or might not have to reboot (not just restart the automounter)
- to effect the change. I don't know.
-
- Regards,
- ruck.
-
-
-
