Re: NFS Security Question

From: Matthew Collins (pingu@zymurgy.org)
Date: 08/15/01


Date: Wed, 15 Aug 2001 17:05:58 +0100
From: Matthew Collins <pingu@zymurgy.org>
To: Ryan Russell <ryan@securityfocus.com>
Subject: Re: NFS Security Question
Message-ID: <20010815170558.A5563@keg.zymurgy.org>

On Wed, Aug 15, 2001 at 09:30:02AM -0600, Ryan Russell wrote:
> On Wed, 15 Aug 2001, Matthew Collins wrote:
>
> > While true, this is pure semantics; you need authenticated NIS/NFS usage
> > as Darren describes. If I can get root I can just vipw, add bob locally
> > and su to bob to cd into his directory if it's available to this machine.
>
> Yes, several people wrote me with the same thing. What I didn't state is
> that, of course, I get to play all the tricks that root can play. Like
> hijacking Bob's TTY. But your way works too. :)
>
> Ryan
>

Yep ;-( Hijacking Bob's tty requires Bob to be logged in, of course. Simply
adding him to your local map doesn't. And even that's irrelevant if you don't
authenticate your NFS - go download nfstool, it's an ftp-style nfs client
that includes commands to set your uid and gid to any you like over the
NFS protocol (NFS requests will claim to be that uid). It doesn't need
to change your actual euid at all; it's not a suid operation.

Matt
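
Added example, not part of the original message or of any tool it names: a decoder for the credential in an ONC RPC call (RFC 5531), showing that the AUTH_SYS uid and gid are plain client-filled fields a server or packet capture can only report, not verify. The sample message, the function names and the "wks1" host name are constructed for illustration, and a UDP-style payload with no TCP record marker is assumed.

```python
import struct

FLAVORS = {0: "AUTH_NONE", 1: "AUTH_SYS", 6: "RPCSEC_GSS"}  # RFC 5531 numbers

# Constructed sample (all values made up): an ONC RPC call to program 100003
# (NFS) as it would sit in a UDP payload, i.e. without a TCP record marker.
SAMPLE_CALL = bytes.fromhex(
    "00000001" "00000000" "00000002"  # xid, msg type CALL, RPC version 2
    "000186a3" "00000003" "00000001"  # program 100003, version 3, procedure 1
    "00000001" "00000018"             # credential: flavor 1, 24-byte body
    "00000000" "00000004" "776b7331"  # stamp, machine name "wks1"
    "000003e9" "00000064" "00000000"  # uid 1001, gid 100, no extra gids
    "00000000" "00000000"             # verifier: AUTH_NONE, empty
)

def _u32(buf, off):
    """Read one big-endian XDR unsigned int, refusing to run off the end."""
    if off + 4 > len(buf):
        raise ValueError("truncated RPC message")
    return struct.unpack_from(">I", buf, off)[0], off + 4

def claimed_identity(msg):
    """Decode the credential of an RPC call and flag unverified flavors."""
    words, off = [], 0
    for _ in range(8):  # xid, type, rpcvers, prog, vers, proc, flavor, cred len
        value, off = _u32(msg, off)
        words.append(value)
    _xid, mtype, rpcvers, prog, _vers, _proc, flavor, clen = words
    if mtype != 0 or rpcvers != 2:
        raise ValueError("not an RPC version 2 call")
    if clen > 400 or off + clen > len(msg):  # opaque_auth body is at most 400
        raise ValueError("bad credential length")
    info = {"program": prog, "flavor": FLAVORS.get(flavor, str(flavor)),
            "unverified": flavor in (0, 1)}  # AUTH_NONE/AUTH_SYS carry no proof
    if flavor == 1:  # AUTH_SYS: every field below is filled in by the client
        body = msg[off:off + clen]
        _stamp, p = _u32(body, 0)
        nlen, p = _u32(body, p)
        if nlen > 255 or p + nlen > len(body):
            raise ValueError("bad machine name length")
        info["machine"] = body[p:p + nlen].decode("ascii", "replace")
        p += (nlen + 3) & ~3  # XDR pads strings to a 4-byte boundary
        info["uid"], p = _u32(body, p)
        info["gid"], p = _u32(body, p)
    return info

if __name__ == "__main__":
    print(claimed_identity(SAMPLE_CALL))
```

Calls reported with `unverified` set are the ones the "authenticated NFS" point in the thread is about: the server has nothing but the client's word for the uid.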

