Coda File System

RE: install as root.root doesn't work on BSD systems

From: Green, Andrew <AGreen_at_dmwworldwide.com>
Date: Thu, 5 Aug 1999 10:07:28 -0600
You'd have to be a fool to export /usr writable...but
often times I see filesystems mounted without "nosuid"
so creating and subsequently executing a setuid-bin shell
gives you the same result with no more effort.

I wonder if my outlook is mis-interpreting something; I meant to
only respond to Mr. Forsman.

Andrew

> -----Original Message-----
> From:	Robert Forsman [SMTP:thoth_at_nile.purplefrog.com]
> Sent:	Thursday, August 05, 1999 9:40 AM
> To:	codalist_at_TELEMANN.coda.cs.cmu.edu
> Subject:	Re: install as root.root doesn't work on BSD systems 
> 
> Phil Nelson <phil_at_cs.wwu.edu> ,in message
> <199908032156.OAA02193_at_fawn.cs.wwu.ed
> 	u>, wrote: 
> 
> > 
> > Hi,
> > 
> >   The recent change to install as root.root doesn't work on BSD
> > systems.  It should bin.bin on unpriviledged binaries.
> 
>   I remember somebody complaining about how NFS doesn't have
> bin-squashing, so
> if anyone were able to compromise a machine and get write access to
> remote:/usr, then you'd be pretty fucked.  Of course, why would you
> write-export /usr?
> 
> -- 
> Bob Forsman                                   thoth_at_gainesville.fl.us
>            http://www.gainesville.fl.us/~thoth/
Received on 1999-08-05 12:17:21