Bugtraq mailing list archives
Re: [linux-security] Re: Possible bufferoverflow condition in
From: vidar () intercom no (Vidar Madsen)
Date: Thu, 15 Aug 1996 10:51:33 +0200
[discussion about mount and umount being suid root]
> This would be a good candidate for sudo. As any good sysadmin will keep telling you... Disable ALL suid programs that are not necessary for the normal operation of the system. If a user needs to mount filesystems, use sudo to all the operation as root.
As far as I can see, the same security flaws would be equally exploitable when going through sudo or having the program suid root? After all, the exploit in mount/umount goes through the command line, and would therefore not be "filtered out" in any way even though one starts it from sudo? (Unless sudo itself chops the command line arguments to a respectable size, but that wouldn't be improved security, that would be blind luck! ;)

I guess there's no perfect solution to this problem, other than patching the appropriate files. In the meantime, chmod u-s /bin/mount /bin/umount.

Another issue, not exactly the same subject, but slightly relevant; DO NOT mount the Linux Slackware 3.0 CD-ROM (from Walnut Creek) - and possibly other distributions - somewhere the users can access it! The /live/ directory contains an "installed" system, with a LOT of programs easily exploited to gain a root shell, e.g. mount / umount / dip / suidperl. I guess the included splitvt can be exploited too, but running eggplant only gave me Segmentation Fault. Haven't done much research on it, though...

- Vidar Madsen

------------------------------------------------------------------------------
Vidar Madsen   | E-mail: vidar () intercom no
Lysskar 16     | WWW: http://www.intercom.no/~vidar/
5500 Haugesund | Phone: +47 52 73 10 00 (work) +47 52 72 75 90 (home)
Norway         | Fax: +47 52 73 10 02 (work)
------------------------------------------------------------------------------
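The shell functions below are an added example, not part of the original message: they list setuid files under a tree such as a mounted CD-ROM, apply the interim chmod u-s mitigation the message mentions, and flag mounts of a given filesystem type that lack the nosuid option. The nosuid check, the function names and the sample mount table are assumptions added here; chmod u-s cannot change read-only media, which is why the mount option is checked as well.

```shell
#!/bin/sh
# Added example; names and sample data are constructed, not from the post.

# Constructed sample in /proc/mounts format (not taken from a real system).
SAMPLE_MOUNTS='/dev/hda1 / ext2 rw 0 0
/dev/hdb /cdrom iso9660 ro,nosuid,nodev 0 0
/dev/hdc /mnt/slackware iso9660 ro 0 0'

# list_setuid DIR
# Print every regular file under DIR that has the setuid bit set.
# -xdev keeps the walk on one filesystem, so auditing /mnt/cdrom does not
# wander into other mounts below it.
list_setuid() {
    find "$1" -xdev -type f -perm -4000 -print 2>/dev/null | sort
}

# strip_setuid DIR
# The interim mitigation from the message (chmod u-s), applied to every
# setuid file found under DIR. Only works on writable filesystems.
strip_setuid() {
    list_setuid "$1" | while IFS= read -r f; do
        chmod u-s "$f" && printf 'cleared %s\n' "$f"
    done
}

# mounts_allowing_suid FSTYPE
# Read /proc/mounts-format lines on stdin and print the mount points of
# type FSTYPE whose option list does not contain nosuid. Setuid binaries
# on such a mount (for example a "live" tree on a CD-ROM) keep their
# privilege when a local user runs them.
mounts_allowing_suid() {
    while read -r dev mnt fstype opts rest; do
        [ "$fstype" = "$1" ] || continue
        case ",$opts," in
            *,nosuid,*) ;;                   # setuid bits are ignored here
            *) printf '%s\n' "$mnt" ;;       # setuid bits are honoured here
        esac
    done
}
```

On a live system, feed the third function from the real mount table, for example: mounts_allowing_suid iso9660 < /proc/mounts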