Hi,
Today I realized a terible problem ! Any ordinari user can mount a remote
file system if they allow. Ok, this might be a good thing but it has also
many security problems. Imagine, one of our users is the root of an
another system ( even this might be a Linux ! ). Then hi create a setuid
program at remote host, and change its owner to root, then export this
dir. Then login my system and then mount that dir, then he became root !
Yes hard to think but, this *WORKS* ! I immediately changes the
permitions of mount* files to 700, but this not a solution, any body can
find this executables from an another DEC. Do you have any solution for
this problem ?
Sincerely.
murat.
----
Murat Balci UNIX sys. Admin
s-mail : Ege Universitesi B.A.U.M - Bornova, IZMIR, TURKIYE.
e-mail : balci_at_baum01.ege.edu.tr Phone :+(90)(232)3881080-253
Received on Wed Oct 18 1995 - 14:51:44 NZDT