RE: Bug#4902: Major security hole in xvmount
At first I have to apologize for the huge delay of my
answer, but I simply did not receive the bug-reports due
to an error at debian.org.
meskes@informatik.rwth-aachen.de wrote:
> xvmount is a major security hole. The standard installation enables EVERY
> user to mount a cdrom or a floppy or a dos partition into the directory
> tree. The mountpoint doesn't even have to be owned by the user running
> xvmount since the program is suid root.
> This is a very bad idea. Just copy bash onto a floppy and make it suid root
> on your own machine et voila you'll be root on every machine with xvmount.
I do not see any reason to panic. xvmount itself is
not more or less safe than any user mount. It bears
exactly the same risks. One simply has to take exactly
the same care when configuring the /etc/xvmounttab as
when editing the /etc/fstab. If you configure your
/etc/fstab to enable SUID and DEV on an user mount
point exactly the same can happen.
Nevertheless, you are certainly right that I should have
added a warning notice that one HAS TO take this care
when editing the /etc/xvmounttab. Moreover, the choice
of the defaults by the author was not optimal. I have
changed this now to be exactly equivalent to the
presets for a noraml user mount. However, I do not see
any reason to generally disable SUID or DEV. It should
stay the decision of the sysop what is to be enabled
or not. Since the single user has no possibility to
influence the mount point or the mount options this
is no general security hole.
I hope you can agree. Then I will release the
corrected version.
Best wishes -- Volker
---------------------------------------------------------------------
Volker Ossenkopf KOSMA (Kölner Observatorium für submm-Astronomie)
Tel.: 0221 4703485 1. Physikalisches Institut der
Fax.: 0221 4705162 Universität zu Köln
E-Mail: ossk@zeus.ph1.uni-koeln.de
---------------------------------------------------------------------
Reply to: