Bug#299007: base-files: Insecure PATH
On Sun, 20 Mar 2005 11:21:07 +1100, psz <psz@maths.usyd.edu.au> said:
> Brendan O'Dea <bod@debian.org> wrote:
>> Your argument is that exporting a writable / or /usr via NFS
>> exposes you to possible exploits? Then DON'T DO THAT.
> and Manoj Srivastava <srivasta@debian.org> wrote:
>> ... majority do not NFS export /usr/local ...
> Sorry, but that is not the issue. The attacked machine would not be
> an exporter, but a mounter of user files.
Umm. The exporter is the one that got attacked, since it has
the data. Every other user that mounts the file system is collateral
damage.
> Suppose I have a bunch of machines, that "share" user files: all
> NFS-mount /users (containing user home directories
> /users/*). Getting root on any one of this bunch of machines would
> allow me to create a setgid-staff file; or maybe I could mess around
> with the .bashrc of a user in group staff.
I think you did not bother to read my response, since I
explicitly stated that there is no reason to have /home writable by
user staff.
> Arguments about exports with squash_gids are moot: many NFS
> exporters do not have that option; and non-Debian exporters would
> not know or care about group staff.
Umm, non-Debian exporters are not covered by policy, and thus
we do not care about them. And since this is not a client side thing
at all, this line of argument is just noise.
I do not see this email in any way pointing to a valid flaw in
my summary.
manoj
--
"The most formidable weapon against errors of every kind is reason."
Thomas Paine, _The Age of Reason_
Manoj Srivastava <srivasta@debian.org> <http://www.debian.org/%7Esrivasta/>
1024D/BF24424C print 4966 F272 D093 B493 410B 924B 21BA DABB BF24 424C
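The thread argues about whether a group-writable directory such as /usr/local/bin on every user's PATH is exploitable. A check for that class of problem, added here as an example and not taken from the bug report or from the base-files package: it walks a PATH-style string and reports each entry that is writable by its group or by everyone. It assumes a POSIX shell with ls, cut and awk.

```shell
#!/bin/sh
# audit_path: report directories in a ':'-separated list that are group- or
# world-writable. Any such directory lets members of that group (e.g. staff on
# /usr/local/bin) drop a binary that shadows system commands for every user
# whose PATH contains it. Prints one line per offending entry and returns the
# number of offending entries (0 means nothing to report).
audit_path() {
    _list="${1:-$PATH}"
    _problems=0
    _oldifs="$IFS"
    IFS=:
    set -- $_list            # split on ':'; an empty field means the current directory
    IFS="$_oldifs"
    for _dir in "$@"; do
        [ -n "$_dir" ] || _dir="."
        [ -d "$_dir" ] || continue               # a missing entry is nobody's to write
        _line=$(ls -ld "$_dir" 2>/dev/null) || continue
        _mode=$(printf '%s\n' "$_line" | cut -c1-10)      # e.g. drwxrwxr-x
        _gw=$(printf '%s\n' "$_mode" | cut -c6)           # group write bit: 'w' or '-'
        _ow=$(printf '%s\n' "$_mode" | cut -c9)           # other write bit: 'w' or '-'
        _owner=$(printf '%s\n' "$_line" | awk '{print $3}')
        _group=$(printf '%s\n' "$_line" | awk '{print $4}')
        _why=""
        [ "$_gw" = "w" ] && _why="writable by group $_group"
        [ "$_ow" = "w" ] && _why="${_why:+$_why, }writable by everyone"
        if [ -n "$_why" ]; then
            printf 'INSECURE %s [%s owner=%s]: %s\n' "$_dir" "$_mode" "$_owner" "$_why"
            _problems=$((_problems + 1))
        fi
    done
    return "$_problems"
}
```

Run it as `audit_path` to check the current PATH, or `audit_path "/usr/local/bin:/usr/bin:/bin"` for a specific list; a non-zero exit status is the count of directories flagged.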