Bugtraq mailing list archives

Re: 2.4.x/Slackware Init script vulnerability


From: Keith Owens <kaos () ocs com au>
Date: Wed, 18 Jul 2001 09:59:43 +1000

On Tue, 17 Jul 2001 16:32:07 -0400, 
Derek Martin <ddm () pizzashack org> wrote:
> I also did the same thing on a Red Hat 7.1 system, with modutils 2.4.2
> (as shipped by Red Hat), and linux 2.4.5 (pristine), and the modules.*
> files were recreated with permissions 0644 upon reboot, so it seems
> not to be limited to just Slackware, but also not a universal problem.
> Since it did not happen on RH 7.1 with modutils 2.4.2, it may be that
> the problem is actually in modutils 2.4.3 (and later, probably), and
> not in earlier modutils.  I think this is probably not really a kernel
> issue, per se.

None of the above.  A change to the kernel in 2.4.3-pre5 or -pre6
caused all kernel thread programs to run with umask 0, including init.
Newer Redhat rc.sysinit sets the umask instead of trusting the kernel
value, older Redhat and current Slackware trust the kernel.  modutils
trusts umask.

> I would think that modutils should set the creation mode to 0644 when
> creating these files.  I would also think that as a security measure,
> modutils should verify that these files (or at least modules.dep) are
> not world-writable (and probably also not group writable) BEFORE
> loading modules as a result of listed dependencies...

When programs should force security settings and when they should trust
the umask is a policy question.  Users on development systems
deliberately create modules.dep as 666 and allow modules to be owned as
other than root so modutils allows this.  In this case I decided that
the policy setting should come from the user via umask, instead of
being forced by the programs.  If root's umask is 000 then lots of
programs are insecure, should all of those programs be changed to
ignore umask?

> I'm not really
> sure that the kernel itself should automatically set a restrictive
> umask, as I would think it should be up to user-space programs to
> decide that; but it probably doesn't matter much either way.

The kernel normally mimics the default umask for shells, 022.  The
change from 022 to 000 was incorrect and will be backed out in the next
kernel release.

Keith Owens, modutils maintainer.



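Added example (not part of the original post, and not modutils or kernel code): a C sketch of the two behaviours discussed in this thread. The first function creates a file with a requested mode of 0666 so that the inherited umask alone decides the result; the second is the pre-load check suggested in the quoted text (reject a modules.dep that is group- or world-writable). The function names and the /tmp scratch file are assumptions made for illustration.

```c
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Recreate `path` the way a umask-trusting tool does: request 0666 and let
 * the process umask trim it. Returns the resulting mode bits, or -1. */
int create_trusting_umask(const char *path, mode_t mask)
{
    struct stat st;
    mode_t saved = umask(mask);      /* stand-in for the umask inherited from init */
    int fd, rc;
    unlink(path);
    fd = open(path, O_WRONLY | O_CREAT | O_EXCL, 0666);
    umask(saved);
    if (fd < 0) return -1;
    rc = fstat(fd, &st);
    close(fd);
    return rc < 0 ? -1 : (int)(st.st_mode & 07777);
}

/* Pre-load check as suggested in the thread: 1 if `path` is a regular file
 * that is neither group- nor world-writable, 0 if it fails the check,
 * -1 on error. A real loader would keep the descriptor and read from it. */
int dep_file_is_safe(const char *path)
{
    struct stat st;
    int fd = open(path, O_RDONLY), rc;
    if (fd < 0) return -1;
    rc = fstat(fd, &st);
    close(fd);
    if (rc < 0) return -1;
    return S_ISREG(st.st_mode) && !(st.st_mode & (S_IWGRP | S_IWOTH));
}

int main(void)
{
    char path[] = "/tmp/modules.dep.XXXXXX";   /* constructed scratch file */
    int fd = mkstemp(path);
    if (fd < 0) return 1;
    close(fd);
    for (int i = 0; i < 2; i++) {              /* umask 000, then umask 022 */
        int mode = create_trusting_umask(path, i ? 022 : 000);
        printf("mode %04o safe=%d\n", (unsigned)mode, dep_file_is_safe(path));
    }
    unlink(path);
    return 0;
}
```

With umask 000 the file comes out 0666 and fails the check; with umask 022 it comes out 0644 and passes.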