Bug#299007: base-files: Insecure PATH
Bill,
>> Though nfs-user-server may "know" about the squash_gids option,
>> nfs-kernel-server does not.
>
> You can emulate squash_gids using the ugidd daemon. Just map staff to
> nogroup.
>
> In fact, most of your problems can be solved with use of ugidd, and this
> is not Debian specific.
Using squash_gids or ugidd would prevent an attacker from creating a
setgid-staff object, thus keeping things safe while there are no users in
group staff. Neither squash_gids nor ugidd would prevent scribbling over
the .bashrc file of, or otherwise trojan, a user in group staff.
I beleive that group staff is pretty useless until you put some users into
that group. Using squash_gids or ugidd we can keep it safe in that default
but useless state; we can not make it safe in the useful state.
Would you agree with the above? (Then we should think about groups disk and
tty also.)
(The problem is not Debian-specific. Only the policy is; am not sure if
other distibutions even have a policy.)
Cheers,
Paul Szabo psz@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia
Reply to: