Bugtraq mailing list archives

nfs_mount in AIX

From: rick () msc cornell edu (rick () msc cornell edu)
Date: Tue, 25 Apr 1995 17:05:15 -0400 (EDT)


It appears that the completely undocumented routine 'nfs_mount' can be
used by a non-root user to mount a daemon on a directory ala NFS.  It
seems to me that this is a very nasty security hole.

I can't offer more details since, as I said, the routine is completely
undocumented, and the only working example I have is in a piece of
third-party software to which I do not have source.

I would appreciate it if someone could shed some light on this.

-Rick

-- 
|Rick Cochran                                                607-255-7223|
|Cornell Materials Science Center                    rick () msc cornell edu|
|E20 Clark Hall, Ithaca, N.Y. 14853          cornell!msc.cornell.edu!rick|
|           "Workstations - I bet you can't eat just one!"               |

Current thread:

Re: Kerberos availability (Re: NIS) Tim Scanlon (Apr 20)
- Re: Kerberos availability (Re: NIS) Michel Lavondes (Apr 24)
  - Re: Kerberos availability (Re: NIS) Jas (Apr 25)
    - Re: Kerberos availability (Re: NIS) Julian Assange (Apr 26)
  - nfs_mount in AIX rick () msc cornell edu (Apr 25)
    - Re: nfs_mount in AIX Tom Fitzgerald (Apr 25)
    - Re: nfs_mount in AIX rick () msc cornell edu (Apr 26)
    - Re: nfs_mount in AIX Aleph One (Apr 26)
    - Re: nfs_mount in AIX John F. Haugh II (Apr 26)
    - Re: nfs_mount in AIX Julian Assange (Apr 26)
    - CGI script insecurity in NCSA httpd Paul Phillips (Apr 26)
    - Re: CGI script insecurity in NCSA httpd Jeremy Fitzhardinge (Apr 27)
    - sniffers froden () yf-kraft no (Apr 28)
    - Re: your mail Timothy Newsham (Apr 30)
    - sniffers Theodore Alexopoulos (Apr 29)

(Thread continues...)