misc/58114: amd(8) security model isn't clear

To: misc-bug-people%netbsd.org@localhost,gnats-admin%netbsd.org@localhost,netbsd-bugs%netbsd.org@localhost
Subject: misc/58114: amd(8) security model isn't clear
From: campbell+netbsd%mumble.net@localhost
Date: Thu, 4 Apr 2024 21:00:01 +0000 (UTC)

>Number:         58114
>Category:       misc
>Synopsis:       amd(8) security model isn't clear
>Confidential:   no
>Severity:       serious
>Priority:       medium
>Responsible:    misc-bug-people
>State:          open
>Class:          sw-bug
>Submitter-Id:   net
>Arrival-Date:   Thu Apr 04 21:00:00 +0000 2024
>Originator:     Taylor R Campbell
>Release:        current
>Organization:
The NfsAMD Foundation
>Environment:
spitting hail, sleet, and wind at me
>Description:
The security model of amd(8) is unclear:

- What is amd(8) exposed to when you launch it?
  => Privileged processes, presumably.
  => Unprivileged processes when when they try to follow automounted directories?
  => Unprivileged processes via amq(8)?
  => Remote network access?
- How is access controlled?
  => Are there any fixed port numbers that can be firewalled?
  => Can the operator specify a fixed port number that can be firewalled?

The man pages and NetBSD guide should both explain this.
>How-To-Repeat:
man amd, get confused
>Fix:
Yes, please!

Prev by Date: Re: bin/56974 ('amq -i' dumps core with sigsev)
Next by Date: Re: kern/56727: i915drmkms in current causes audio playback distortion
Previous by Thread: PR/58112 CVS commit: src/tests/rump/rumpkern
Next by Thread: bin/58115: [RB] usr.bin/config: stabilize ioconf.c output
Indexes:

Home | Main Index | Thread Index | Old Index