Bugtraq mailing list archives
(no subject)
From: Bruno.Treguier () SHOM FR (Bruno Treguier)
Date: Mon, 11 Oct 1999 18:09:36 +0200
Hello,

On May 10, Jonas Stahre <yes () allevil campus luth se> sent a message about a problem he encountered on Solaris 7 with rmmount not disabling set-uid programs on external devices like CD-ROMs or floppies, in spite of what is written in the man page. (Message-id: <Pine.BSF.4.05.9905100836580.94142-100000 () allevil campus luth se>)

I did not pay much attention at that time (sorry Jonas :) ), but we just ran into that problem a few days ago, as we are disseminating Solaris 7 here on our client workstations. The obvious consequence is that any user having physical access to the workstation and having an account on it is able, by a simple "volcheck", to gain root access if vold is running.

We called Sun today, and obviously they don't give a damn. They refuse to consider this as a bug, as long as it is possible to correct the problem via the rmmount.conf file (which is true).

However, I don't understand Sun's point of view. This is obviously a security issue in rmmount's behaviour, which is NOT the same in previous versions of Solaris. Moreover, the man page still reflects what this behaviour should be.

Any ideas about what can be done to make them change their mind about the severity of this "feature" :) ? Or am I really paranoid?

Regards,

Bruno

--
-- Service Hydrographique et Oceanographique de la Marine --- Service INF
-- 13, rue du Chatellier --- BP 426 --- 29275 Brest Cedex, FRANCE
-- Phone: +33 2 98 22 17 49 --- Email: Bruno.Treguier () shom fr
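
The rmmount.conf correction mentioned in the message can be checked mechanically. The following is an added example, not part of the original post and not Sun's code: a shell function (hypothetical name `audit_rmmount_conf`) that lists the filesystem types a configuration would still mount without `nosuid`. It assumes the `ident <fstype> ...` and `mount <device> <fstype>... -o <options>` line formats of rmmount.conf, and the sample configuration is constructed.

```shell
#!/bin/sh
# Added example: report filesystem types that rmmount.conf does not force
# to be mounted nosuid on every removable device.
# Assumed line format: "mount <device> <fstype>... -o <options>".

audit_rmmount_conf() {
    missing=$(awk '
        /^[ \t]*#/ || NF == 0 { next }
        $1 == "ident" { types[$2] = 1; next }    # fs types rmmount recognises
        $1 == "mount" {
            opt = 0
            for (i = 3; i <= NF; i++) if ($i == "-o") { opt = i; break }
            if (opt == 0 || $2 != "*") next       # only all-device lines count
            nosuid = 0
            for (i = opt + 1; i <= NF; i++) {
                n = split($i, o, ",")
                for (j = 1; j <= n; j++) if (o[j] == "nosuid") nosuid = 1
            }
            if (nosuid) for (i = 3; i < opt; i++) covered[$i] = 1
        }
        END { for (t in types) if (!(t in covered)) print t }
    ' "$1" | sort)
    [ -z "$missing" ] && return 0
    printf '%s\n' "$missing"
    return 1
}

# Constructed sample: the cdrom-only line leaves floppies uncovered.
conf=$(mktemp)
cat > "$conf" <<'EOF'
ident hsfs ident_hsfs.so cdrom
ident ufs ident_ufs.so cdrom floppy
mount cdrom* hsfs ufs -o nosuid
EOF
audit_rmmount_conf "$conf" || echo "^ not mounted nosuid on every device"
# Corrected setting: one line covering every device and both types.
echo 'mount * hsfs ufs -o nosuid' >> "$conf"
audit_rmmount_conf "$conf" && echo "all removable-media mounts are nosuid"
rm -f "$conf"
```

The function exits non-zero when any type is uncovered, so it can gate a workstation build or run from a periodic configuration check.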