Path: utzoo!utgpu!news-server.csri.toronto.edu!cs.utexas.edu!usc!zaphod.mps.ohio-state.edu!unix.cis.pitt.edu!dsinc!netnews.upenn.edu!msuinfo!rang
From: rang@cs.wisc.edu (Anton Rang)
Newsgroups: comp.unix.internals
Subject: NFS & security (was Re: Complex security mechanism is unsecure)
Summary: Don't go together
Message-ID:
Date: 16 Dec 90 18:11:37 GMT
References: <1990Dec7.171501.18028@mp.cs.niu.edu> <4627@pkmab.se> <4088@osc.COM>
Sender: news@msuinfo.cl.msu.edu
Organization: UW-Madison CS department
Lines: 14
In-Reply-To: strick@osc.com's message of 15 Dec 90 02:15:54 GMT

In article <4088@osc.COM> strick@osc.com (henry strickland) writes:

>In the normal NFS setup, making myself root on a workstation does not
>give me root privileges on the filesystem of a remote NFS server
>which I can mount the partitions of. [ ... ] Now if any of these
>non-root users owns (or one of whose groups has w bits on) some file in the PATH
>of root (or one of the directories or superdirectories in the PATH),
>the trojan horse can ride.

Does Sun still install their OS distributions with directories owned by
bin? This one bit me once, before I realized how easy it was to spoof
the YP "authentication" (netgroups stuff) which was being used to
"restrict" (ha!) people from mounting our servers.... Sigh.

	Anton

+---------------------------+------------------+-------------+
| Anton Rang (grad student) | rang@cs.wisc.edu | UW--Madison |
+---------------------------+------------------+-------------+
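A defender's check for the problem Henry and Anton describe (PATH directories, or their parents, owned by bin or writable by non-root accounts), written as an added POSIX sh example that is not part of the original thread: it walks each PATH entry up to "/" and reports every directory not owned by the expected account or carrying a group/world write bit. The function names `audit_path_dirs` and `check_dir`, and the default expected owner `root`, are my own assumptions.

```shell
#!/bin/sh
# Added example, not from the original post. Lists every directory on a
# PATH string, and every parent of it, that a non-root account could
# modify: owner differs from EXPECTED_OWNER (default root) or a group/world
# write bit is set. Any such directory lets that account plant or replace
# a command that root will later run.
# Usage: audit_path_dirs "$PATH"          (run as root, expected owner root)

check_dir() {
    d=$1; wanted=$2
    info=$(ls -ld "$d") || return 0     # ls -ld is POSIX: field 1 mode, field 3 owner
    mode=${info%% *}
    owner=$(printf '%s\n' "$info" | awk '{print $3}')
    gw=$(printf '%s' "$mode" | cut -c6) # group write bit
    ow=$(printf '%s' "$mode" | cut -c9) # other (world) write bit
    reason=""
    [ "$owner" != "$wanted" ] && reason="owned by $owner"
    [ "$gw" = w ] && reason="${reason:+$reason, }group-writable"
    [ "$ow" = w ] && reason="${reason:+$reason, }world-writable"
    [ -n "$reason" ] && printf '%s: %s\n' "$d" "$reason"
    return 0
}

audit_path_dirs() {
    path_string=$1
    wanted=${2:-root}
    seen=" "
    old_ifs=$IFS; IFS=:
    set -f; set -- $path_string; set +f    # split on ':' without globbing
    IFS=$old_ifs
    for entry in "$@"; do
        dir=${entry:-.}                     # an empty PATH entry means "."
        while :; do                         # walk from the entry up to "/"
            case "$seen" in
                *" $dir "*) ;;              # already reported this directory
                *) seen="$seen$dir "
                   [ -d "$dir" ] && check_dir "$dir" "$wanted" ;;
            esac
            parent=$(dirname "$dir")
            [ "$parent" = "$dir" ] && break # reached "/" (or "." for relative entries)
            dir=$parent
        done
    done
    return 0
}
```

Nonexistent PATH entries are skipped silently; a separate check for missing directories is worth adding if a spoofed mount could later supply them.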