Bugtraq mailing list archives
Re: nfs_mount in AIX
From: proff () suburbia apana org au (Julian Assange)
Date: Thu, 27 Apr 1995 13:48:04 +1000 (EST)
Here's a little additional information..... the nfs_mount routine does its work through the vmount() system call, which is documented. If this is a security hole at all, then it's because it would let an attacker mount a remote filesystem under his control onto a world-readable directory like
^^^^^^^^
/tmp or /var/preserve, and thereby grab a copy of everything that was written to that directory. Anybody want to write a test program?
Shouldn't that be writeable? -Proff
Current thread:
- Re: Kerberos availability (Re: NIS) Tim Scanlon (Apr 20)
- Re: Kerberos availability (Re: NIS) Michel Lavondes (Apr 24)
- Re: Kerberos availability (Re: NIS) Jas (Apr 25)
- Re: Kerberos availability (Re: NIS) Julian Assange (Apr 26)
- nfs_mount in AIX rick () msc cornell edu (Apr 25)
- Re: nfs_mount in AIX Tom Fitzgerald (Apr 25)
- Re: nfs_mount in AIX rick () msc cornell edu (Apr 26)
- Re: nfs_mount in AIX Aleph One (Apr 26)
- Re: nfs_mount in AIX John F. Haugh II (Apr 26)
- Re: nfs_mount in AIX Julian Assange (Apr 26)
- CGI script insecurity in NCSA httpd Paul Phillips (Apr 26)
- Re: CGI script insecurity in NCSA httpd Jeremy Fitzhardinge (Apr 27)
- sniffers froden () yf-kraft no (Apr 28)
- Re: your mail Timothy Newsham (Apr 30)
- sniffers Theodore Alexopoulos (Apr 29)
- Re: sniffers Jonathan M. Bresler (Apr 29)
- Re: sniffers Asriel DeCatte (Apr 30)
- Re: Kerberos availability (Re: NIS) Jas (Apr 25)
- Re: sniffers Asriel DeCatte (Apr 30)
- Re: sniffers Jas (Apr 30)
- Re: Kerberos availability (Re: NIS) Michel Lavondes (Apr 24)
- Re: sniffers Asriel DeCatte (Apr 30)