NetBSD-Bugs archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
lib/43109: rump_ffs does not enforce permissions
>Number: 43109
>Category: lib
>Synopsis: rump_ffs does not enforce permissions
>Confidential: no
>Severity: serious
>Priority: medium
>Responsible: lib-bug-people
>State: open
>Class: sw-bug
>Submitter-Id: net
>Arrival-Date: Sun Apr 04 00:15:00 +0000 2010
>Originator: Jed Davis
>Release: NetBSD 5.0_STABLE
>Organization:
>Environment:
System: NetBSD planetarium.xlerb.net 5.0_STABLE NetBSD 5.0_STABLE (PLANETAR64)
#0: Sat Jan 30 14:45:38 EST 2010
jld%planetarium.xlerb.net@localhost:/bag/srcs/netbsd-5/sys/arch/amd64/compile/PLANETAR64
amd64
Architecture: x86_64
Machine: amd64
>Description:
rump_ffs -- and probably all the other p2k filesystems -- does not
enforce filesystem permissions. While the man page does indicate that
"[i]t is currently considered experimental", it also states that "[a]part
from a minor speed penalty ... there is no difference to using in-kernel
code", and a lack of permissions is a definite difference.
>How-To-Repeat:
newfs -F -s 1M img
mkdir mnt
rump_ffs img mnt
sudo -u nobody -s
cd mnt
cp /bin/sh ./
chown root sh
chmod 4755 sh
./sh
whoami
>Fix:
No idea.
Home |
Main Index |
Thread Index |
Old Index