Re: Problems with potato boot image / Security problem with man?

To: Robert Ribnitz <robert.ribnitz@unifr.ch>
Cc: "debian-sparc-request@lists.debian.org" <debian-sparc@lists.debian.org>
Subject: Re: Problems with potato boot image / Security problem with man?
From: Ben Collins <bcollins@debian.org>
Date: Thu, 15 Jun 2000 11:16:17 -0400
Message-id: <[🔎] 20000615111617.B2865@visi.net>
In-reply-to: <[🔎] 4.1.20000615110622.00a0ac20@e-user.unifr.ch>; from robert.ribnitz@unifr.ch on Thu, Jun 15, 2000 at 11:27:06AM +0200
References: <[🔎] 4.1.20000615110622.00a0ac20@e-user.unifr.ch>

On Thu, Jun 15, 2000 at 11:27:06AM +0200, Robert Ribnitz wrote:
> Hello again,
> 
> 1) INSTALLATION WOES
> ===================
> 
> yesterday I installed 2 more sparcstation 5 (image 2.2.15-2000-06-10, taken
> from sunsite.cnlab-switch.ch), and encountered the following problems:
> 
> 	a) when selecting the keyboard (the topmost, SUN US, SUN keymap) error
> message:
> 		"unable to extract sunkeymap.gz from /etc/keymaps.gz"

I've heard similar reports. I'll check into it, thanks.

> 	b) when I formatted the disk, I was asked whether I wanted to retain
> kernel 2.0 compatibility. If I select "no" there,
> 	the system will later be unable to make linux dirtectly bootable from disk
> (ie. install SILO) (".. was unable to make linux bootable form 	disk,
> please create a boot floppy") or to create a boot-floppy ("the system was
> unable to create a boot floppy, please make sure the 	medium isnt write
> protected" (which it wasnt)). When I enable kernel 2.0 compatibility the
> errors disappear.

Well considering potato-sparc is only meant to run with kernel 2.2+, I
guess I can hard code that on sparc to never have compatibility.

> 	c) the following error I cannot explain:
> 
> 	There's the option to get network settings using dhcp, on one of the
> machines it was later impossible to mount an NFS volume to get
> 	the disk images or base system from, the other worked fine. When setting
> the values (own ip, netmask, gateway) manually, it worked 	though.  On the
> dhcp server the two machines are configured identically.

That I'm not sure of. You might want to talk to the pump maintainer about
it. Also, did you check the ifconfig and route output after DHCP setup?
Maybe something isn't getting set. Perhaps /etc/resolv.conf is not being
setup either.

> 2) SECURITY ISSUE
> ================
> On machines installed using the slink image, and upgraded (dist-upgrade) to
> potato, and on machines installed using the potato image (version see
> above), "man /etc/passwd" will return the contents of said file. I did a
> cross-check with a solaris (sunos 5.7) machine, which did not exhibit this
> behavior.
> 
> Potato on i386 exhibits the same behavior (kernel in use there: 2.2.16)

Well, /etc/passwd is world readable, so I wouldn't call that a security
issue :) Now if you told me that it read /etc/shadow as non-root, then
I'de be worried.

Thanks for the info,
  Ben

-- 
 -----------=======-=-======-=========-----------=====------------=-=------
/  Ben Collins  --  ...on that fantastic voyage...  --  Debian GNU/Linux   \
`  bcollins@debian.org  --  bcollins@openldap.org  --  bcollins@linux.com  '
 `---=========------=======-------------=-=-----=-===-======-------=--=---'

Reply to:

References:
- Problems with potato boot image / Security problem with man?
  - From: Robert Ribnitz <robert.ribnitz@unifr.ch>

Prev by Date: Utility to check the system configuration for Sun Sparc System using linux or other.
Next by Date: Re: Utility to check the system configuration for Sun Sparc System using linux or other.
Previous by thread: Re: Problems with potato boot image / Security problem with man?
Next by thread: Unidentified subject!
Index(es):
- Date
- Thread