NetBSD-Bugs archive

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]

misc/58114: amd(8) security model isn't clear



>Number:         58114
>Category:       misc
>Synopsis:       amd(8) security model isn't clear
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    misc-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Apr 04 21:00:00 +0000 2024
>Originator:     Taylor R Campbell
>Release:        current
>Organization:
The NfsAMD Foundation
>Environment:
spitting hail, sleet, and wind at me
>Description:
The security model of amd(8) is unclear:

- What is amd(8) exposed to when you launch it?
  => Privileged processes, presumably.
  => Unprivileged processes when when they try to follow automounted directories?
  => Unprivileged processes via amq(8)?
  => Remote network access?
- How is access controlled?
  => Are there any fixed port numbers that can be firewalled?
  => Can the operator specify a fixed port number that can be firewalled?

The man pages and NetBSD guide should both explain this.
>How-To-Repeat:
man amd, get confused
>Fix:
Yes, please!



Home | Main Index | Thread Index | Old Index