Bugtraq mailing list archives
Re: NFS exporting
From: kermit () ics forth gr (Aggelos D. Keromitis)
Date: Thu, 14 Apr 1994 17:08:31 +0300
In message <9404140442.AA22725 () Princeton EDU>, Carl Corey writes:
Now, are we talking exporting writeable to everyone, or _any_ NFS exported writeable partition?
Just NFS exported writable partition... The whole purpose of mountd is to give the client who mounts a filesystem a valid filehandle of the top directory of that filesystem...problem is you can send NFS requests directly to the nfsd and try to GUESS a file handle...at that point (nfsd) there is no authorization check...
is this exploitable? How would it be exploited? Is there a way to keep people from exploiting it (besides not exporting it)?
Well, thats what this discussion's been about so far :-) I THOUGHT secure RPC was secure...if it was using the algorithms correct, it should be....as it seems, a poor implementation blew this up... -Aggelos
Current thread:
- Re: NFS exporting, (continued)
- Re: NFS exporting Perry E. Metzger (Apr 13)
- Re: NFS exporting Michael Neuman (Apr 13)
- Re: NFS exporting Perry E. Metzger (Apr 14)
- Re: NFS exporting Paul Graham (Apr 14)
- Re: NFS exporting Perry E. Metzger (Apr 15)
- Re: NFS exporting Perry E. Metzger (Apr 14)
- Re: NFS exporting Rob Quinn (Apr 14)
- Re: NFS exporting Perry E. Metzger (Apr 14)
- Re: NFS exporting Steve Simmons (Apr 14)
- Re: NFS exporting Perry E. Metzger (Apr 14)