Bug#581438: nfs-common: Permissions issue

[John Lepikhin <john@ispsystem.com>]

Package: nfs-common
Version: 1:1.1.2-6lenny1
Severity: grave
Tags: security
Justification: user security hole


Some user is the member of group "secure". I created a directory on NFS share with owner "otheruser", group owner "secure", permissions 707 (rwx---rwx).
User can read this directory, but he is not "otheruser" and IS the member of "secure" group.

It seems to be a kernel bug.

-- System Information:
Debian Release: 5.0.4
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: i386 (i686)

Kernel: Linux 2.6.32 (SMP w/4 CPU cores)
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/bash

Versions of packages nfs-common depends on:
ii  adduser         3.110                    add and remove users and groups
ii  initscripts     2.86.ds1-61              Scripts for initializing and shutt
ii  libc6           2.7-18lenny2             GNU C Library: Shared libraries
ii  libcomerr2      1.41.3-1                 common error description library
ii  libevent1       1.3e-3                   An asynchronous event notification
ii  libgssglue1     0.1-2                    mechanism-switch gssapi library
ii  libkrb53        1.6.dfsg.4~beta1-5lenny2 MIT Kerberos runtime libraries
ii  libnfsidmap2    0.20-1                   An nfs idmapping library
ii  librpcsecgss3   0.18-1                   allows secure rpc communication us
ii  libwrap0        7.6.q-16                 Wietse Venema's TCP wrappers libra
ii  lsb-base        3.2-20                   Linux Standard Base 3.2 init scrip
ii  netbase         4.34                     Basic TCP/IP networking system
ii  portmap         6.0-9                    RPC port mapper
ii  ucf             3.0016                   Update Configuration File: preserv

nfs-common recommends no packages.

nfs-common suggests no packages.

-- no debconf information