Re: [linux-security] Re: Possible bufferoverflow condition in

[vidar () intercom no (Vidar Madsen)]

[discussion about mount and umount being suid root]

>         This would be a good canidate for sudo.  As any good sysadmin
> will keep telling you...  Disable ALL suid programs that are not
> necessary for the normal operation of the system.  If a user needs to
> mount filesystems, use sudo to all the operation as root.

As far as I can see, the same security flaws would be equally exploitable
when going through sudo or having the program suid root? After all, the
exploit in mount/umount goes through the command line, and would therefore
not be "filtered out" in any way even though one starts it from sudo?
(Unless sudo itself chops the command line arguments to a respectable
size, but that wouldn't be improved security, that would be blind luck!;)
I guess there's no perfect solution to this problem, other than patching
the appropriate files. In the meantime, chmod u-s /bin/mount /bin/umount.

Another issue, not exactly the same subject, but slightly relevant; DO NOT
mount the Linux Slackware 3.0 CD-ROM (from Walnut Creek) - and possibly
other distributions - somewhere the users can access it! The /live/
directory contains an "installed" system, with a LOT of programs easily
exploited to gain a root shell, e.g. mount / umount / dip / suidperl. I
guess the included splitvt can be exploited too, but running eggplant only
gave me Segmentation Fault. Haven't done much research on it, though...

- Vidar Madsen

------------------------------------------------------------------------------
Vidar Madsen   | E-mail: vidar () intercom no
Lysskar 16     | WWW:    http://www.intercom.no/~vidar/
5500 Haugesund | Phone:  +47 52 73 10 00 (work)   +47 52 72 75 90 (home)
Norway         | Fax:    +47 52 73 10 02 (work)
------------------------------------------------------------------------------