Bugtraq mailing list archives

Previous By Date Next
Previous By Thread Next

Re: /etc/mnttab and Solaris 2.4

From: sysdfg () gsusgi1 gsu edu (Davide Gaetano)
Date: Sat, 7 Jan 1995 12:50:21 -0500 (EST)



Hi,

Are there some critical programs that use the getmntent(3C) sets of functions?

I ask that because under Solaris 2.4, the /etc/mnttab is like this (666):
% ll /etc/mnttab
-rw-rw-rw-   1 root     root         409 Jan  6 13:25 /etc/mnttab


  Ours is mode 644. It has to be readable for things like df to 
  work. Only root needs to be able to write to the file, when 
  mounting file systems, changeing quota, and such.

  Note, that atleast on our system, quotaon sets the mode to 600
  and this break the df command (and quota -v for the user if 
  memory serves)

  Anyways, 644 should make all the user commands happy, without
  letting people muck up the file on you.



The man says:
     The file mnttab resides in  /etc  and  contains  information
     about  devices that are currently mounted. mnttab is read by
     programs using  the  routines  described  in  getmntent(3C).

So if there is any critical program using this file, it can be subverted.
rite?

Phil.
-- 

Philippe Langlois -- Net & Unix Admin @ World Net, Paris, France.  <
Email: phil () worldnet sct fr          "after all, we're all alike!" <
Internet Access at high speed in France? --Sure, but with us!      <




-- 
Davide Gaetano
sysdfg () gsusgi1 gsu edu
Previous By Date Next
Previous By Thread Next

Current thread: