[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: at-boot smbmount security.
"Nadav Har'El" <nyh@math.technion.ac.il> writes:
> Please, try it out yourself. Do 'chmod o= /etc/fstab', and see that
> 'mount /mnt/floppy', mount (without parameters), df, mv, and whatever else
> you can think of, should work. Whatever does not work, is buggy and can
> be fixed.
As I wrote earlier, that was the first thing I tried. I get popups
saying things like
"Couldn't open /etc/fstab to create dynamic devices: Permission
denied."
$ ls -l /bin/mount
-rwsr-xr-x 1 root root 56508 Apr 30 22:02 /bin/mount
$ ls -l /etc/fstab
-rw-r----- 1 root root 1107 Aug 12 17:13 /etc/fstab
$ ls -l /etc/mtab
-rw-r--r-- 1 root users 438 Aug 13 19:42 /etc/mtab
Strictly speaking, the fact that /bin/mount has the suid bit on does
not mean there is not a problem. Typically, setuid programs tend to
reset uid to the real user id when the author thinks the superuser
privileges are no longer needed. It is a basic security precaution -
if there is a security-related bug in the unpriviledged portion of the
program the damage will be contained, so it pays to keep the
priviledged portion to the minimum. With mount(8) it will make sense
because it might be calling independent programs such as smbmount(8),
$ ls -l /sbin/mount.smbfs
lrwxrwxrwx 1 root root 20 Jul 22 22:56 /sbin/mount.smbfs -> ../usr/bin/smbmount
$ ls -l /usr/bin/smbmount
-rwxr-xr-x 1 root root 277596 Jun 25 22:42 /usr/bin/smbmount
Of course, mount(8) should first read /etc/fstab and only then
setuid(getuid()).
I actually suspect that the popups I see come from usermount,
$ ls -l /usr/bin/usermount
-rwxr-xr-x 1 root root 21992 Feb 14 22:18 /usr/bin/usermount
- it seems to parse /etc/fstab all on its own and pick mountable
filesystems with the user option (judging by a very superficial look
at the code). I have no idea what calles the bloody thing, it's a GTk
app, not KDE.
--
Oleg Goldshmidt | ogoldshmidt@NOSPAM.computer.org
"If it ain't broken, it has not got enough features yet."
=================================================================
To unsubscribe, send mail to linux-il-request@linux.org.il with
the word "unsubscribe" in the message body, e.g., run the command
echo unsubscribe | mail linux-il-request@linux.org.il