[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

RE: Bug#4902: Major security hole in xvmount

At first I have to apologize for the huge delay of my
answer, but I simply did not receive the bug-reports due 
to an error at debian.org.

meskes@informatik.rwth-aachen.de wrote:
> xvmount is a major security hole. The standard installation enables EVERY
> user to mount a cdrom or a floppy or a dos partition into the directory
> tree. The mountpoint doesn't even have to be owned by the user running
> xvmount since the program is suid root.

> This is a very bad idea. Just copy bash onto a floppy and make it suid root
> on your own machine et voila you'll be root on every machine with xvmount.

I do not see any reason to panic. xvmount itself is
not more or less safe than any user mount. It bears 
exactly the same risks. One simply has to take exactly 
the same care when configuring the /etc/xvmounttab as 
when editing the /etc/fstab. If you configure your
/etc/fstab to enable SUID and DEV on an user mount
point exactly the same can happen.

Nevertheless, you are certainly right that I should have
added a warning notice that one HAS TO take this care
when editing the /etc/xvmounttab. Moreover, the choice
of the defaults by the author was not optimal. I have 
changed this now to be exactly equivalent to the 
presets for a noraml user mount. However, I do not see
any reason to generally disable SUID or DEV. It should
stay the decision of the sysop what is to be enabled
or not. Since the single user has no possibility to 
influence the mount point or the mount options this
is no general security hole.

I hope you can agree. Then I will release the 
corrected version.

Best wishes -- Volker

Volker Ossenkopf    KOSMA (Kölner Observatorium für submm-Astronomie)
Tel.: 0221 4703485                    1. Physikalisches Institut der
Fax.: 0221 4705162                               Universität zu Köln
E-Mail: ossk@zeus.ph1.uni-koeln.de

Reply to: