Bug#495529: linux-source: SMP process scheduler leaves CPUs idle

2009-11-19 Thread psz
Having updated some machines to lenny and 2.6.26-19lenny2 kernel, I now cannot reproduce the problem: seems to be fixed. I guess this bug may be closed. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of

Bug#384922: NFS insecure without support for squashing multiple groups

2009-10-02 Thread psz
sys credential mapping. A brief marc.info search isn't finding them. > > There's nobody that I know of working on this sort of problem currently. Is there anything I should do? I would not know what user interface to propose. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au

Bug#384922: NFS insecure without support for squashing multiple groups

2009-10-01 Thread psz
Dear Moritz, > Please file an enhancement bug at bugzilla.kernel.org ... Done: http://bugzilla.kernel.org/show_bug.cgi?id=14295 Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Austra

Bug#406902: kernel NFS data loss

2009-09-10 Thread psz
g=406902#29 I guess they did not use "my" patches to fs/exportfs/expfs.c, but arrived at the same change independently: I have only sent those patches to this Debian bug (not to any other forums). You may close this bug. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths

Bug#495529: linux-source: SMP process scheduler leaves CPUs idle

2009-08-17 Thread psz
I have not yet updated any of my 8-core machines to lenny, plan to do that over the Christmas break. I had updated the kernels to 2.6.24 and the "problem" persists. Cheers, Paul Paul Szabo p...@maths.usyd.edu.au http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and

Bug#303927: gzip TOCTOU file-permissions vulnerability

2005-04-14 Thread psz
ess to it. > > ... > References: > > [1] http://www.debian.org/doc/debian-policy/ch-opersys.html#s9.1.2 > [2] http://www.debian.org/doc/debian-policy/ch-files.html#s10.9 (please see http://bugs.debian.org/299007 for more details). > (gzip is not typically run in any of these direc

Bug#303927: gzip TOCTOU file-permissions vulnerability

2005-04-13 Thread psz
Joey Hess <[EMAIL PROTECTED]> wrote: > I'm a wimp, so ... instead of writing some real exploit to win the race. What race? A simple perl -e 'while (1) { unlink("xyz") and link("/etc/passwd","xyz") and exit }' should work. Paul Szabo

Bug#299007: gzip TOCTOU file-permissions vulnerability

2005-04-13 Thread psz
ess to it. > > ... > References: > > [1] http://www.debian.org/doc/debian-policy/ch-opersys.html#s9.1.2 > [2] http://www.debian.org/doc/debian-policy/ch-files.html#s10.9 (please see http://bugs.debian.org/299007 for more details). > (gzip is not typically run in any of these direc

Bug#295435: mbox parser

2005-03-31 Thread psz
. This "goes cleanly" into versions 1.0.3 1.0.4 1.9.2 1.9.6 and elicits only mild (fuzz/offset) messages for 0.7.4. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia --- src/mbox.c.orig

Bug#299007: base-files: Insecure PATH

2005-03-30 Thread psz
its ownership of /home is "wrong". Its use and usefulness should be reviewed. Group staff is said to be useful "for helpdesk types or junior sysadmins", without warnings that it is in fact root-equivalent. Use of root-equivalent users and groups may enlarge the attack surfa

Bug#299007: base-files: Insecure PATH

2005-03-27 Thread psz
olishly) think is safe? > The problem is that most NFS-servers and most versions of the > NFS protocol do not perform sufficient validation ... NFS may be ugly and insecure. Should we banish it from Debian? Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ Scho

Bug#299007: base-files: Insecure PATH in /root/.profile

2005-03-24 Thread psz
ollowing of the policy, prevents base-files from being secure. Is not the policy at fault if it mandates insecure settings or actions? Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia

Bug#299007: base-files: Insecure PATH in /root/.profile

2005-03-24 Thread psz
://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]

Bug#295435: mbox parser

2005-03-23 Thread psz
yuki Yamamoto <[EMAIL PROTECTED]> seems to indicate that the bug is taken seriously: his view of correctness seems "skewed". > I don't mind at all, if the actions are correct and justified :) Thanks, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/ps

Bug#299007: base-files: Insecure PATH in /root/.profile

2005-03-23 Thread psz
terry, /export and /export/home must be owned and writable by root only. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia

Bug#299007: base-files: Insecure PATH

2005-03-22 Thread psz
I have now sent the following to the BugTraq and FullDisclosure mailing lists, see e.g. http://www.securityfocus.com/archive/1/393997 http://lists.grok.org.uk/pipermail/full-disclosure/2005-March/032804.html Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of

Bug#295435: mbox parser

2005-03-22 Thread psz
questions. Thanks, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia

Bug#295435: mbox parser

2005-03-22 Thread psz
en do you expect it to be forwarded upstream? Thanks, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia

Bug#299007: base-files: Insecure PATH

2005-03-22 Thread psz
taff feature and privileges: your machine, your right to run it any way you like; its (in)security is your responsibility alone. However, you must also grant me the right to run my machine securely, and should not try to prevent me from doing so by policy. Cheers, Paul Szabo [EMAIL PROTECTED]

Bug#299007: base-files: Insecure PATH

2005-03-21 Thread psz
. Yes I noticed your agreement, thanks, and thanks for re-stating it. We seem to disagree on the urgency only: are there any machines that are currently affected? Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydne

Bug#299007: base-files: Insecure PATH

2005-03-21 Thread psz
chine, creates setgid-staff binary, gets root on all. Is not that realistic? Should not administrators be warned that giving staff privilege is equivalent to root? Are not they being misled into thinking that staff is somehow less dangerous? Cheers, Paul Szabo [EMAIL PROTECTED] http://www.m

Bug#299007: base-files: Insecure PATH

2005-03-21 Thread psz
rong, and will suffer the humiliation of being laughed at; or maybe I am right ... (I know Matt thinks bugs.debian is public already, but it is quite obscure; so the general public, Debian users, and other Linux/UNIX maintainers may still be in the dark.) Cheers, Paul Szabo [EMAIL PROTECTED]

Bug#299007: base-files: Insecure PATH

2005-03-21 Thread psz
ups disk and tty also.) (The problem is not Debian-specific. Only the policy is; am not sure if other distributions even have a policy.) Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia

Bug#299007: base-files: Insecure PATH

2005-03-21 Thread psz
ks, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia

Bug#299007: base-files: Insecure PATH

2005-03-20 Thread psz
CTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia

Bug#299007: base-files: Insecure PATH

2005-03-20 Thread psz
option; but become-any-user-but-root and become-any-group-but-root remains possible. In the presence of NFS, we (the local machine) cannot fully protect users; but must still protect root. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statis

Bug#299007: base-files: Insecure PATH

2005-03-20 Thread psz
ser in group staff. > > I think you did not bother to read my response, since I > explicitly stated that there is no reason to have /home writable by > user staff. I used the name /users, not /home; whether either is group-staff-writable is irrelevant. In my example, I properly and

Bug#299007: base-files: Insecure PATH

2005-03-19 Thread psz
on of privileges ... we should encourage. Yes, definitely; but we need to do so securely. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia

Bug#299007: base-files: Insecure PATH

2005-03-19 Thread psz
group tty also? All should be "squashed" (and the objects owned by root:root instead). Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia

Bug#299007: base-files: Insecure PATH

2005-03-17 Thread psz
ght have missed. I apologize for blacklisting your ISP. Apparently the bounce message from maths.usyd.edu.au said: see http://www.dnsbl.sorbs.net/cgi-bin/db?IP=82.65.23.158 or mail [EMAIL PROTECTED] if genuine I will now ask my postmaster to whitelist your email address. Cheers, Paul Szabo [E

Bug#299007: base-files: Insecure PATH

2005-03-16 Thread psz
onfiguration. It is your bug if you do not warn against the insecure settings. Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia

Bug#299007: base-files: Insecure PATH

2005-03-16 Thread psz
e common scenarios, current arrangements allow root access. (The worst kind of "bug": mandated by policy...) Cheers, Paul Szabo [EMAIL PROTECTED] http://www.maths.usyd.edu.au/u/psz/ School of Mathematics and Statistics University of Sydney Australia