[1486] in linux-security and linux-alert archive
[linux-security] Re: More sendmail problems... Partition your disks!
daemon@ATHENA.MIT.EDU (Leos Bitto)
Mon Mar 24 16:19:48 1997
Date: Mon, 24 Mar 1997 19:40:54 +0100 (MET)
From: Leos Bitto <bitto@kolej.mff.cuni.cz>
To: linux-security@redhat.com
In-Reply-To: <199703241716.MAA18146@ding.mailhub.com>
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
On Mon, 24 Mar 1997, Alexander O. Yuriev wrote:
>
> This is yet-another reason to _partition_ your disks. Of course hard links
> do not work accross filesystems. Even thought it is a pain in the neck to do
> when installing your operating system, think about separating critical
> system files from non-critical and non-system files from system files. I
> would say that the following layout is a good place to start:
>
> /
> /usr (nosuid,nodev,ro)
> /usr/local (nosuid,nodev,ro)
> /usr/local/sbin (nodev,ro)
> /tmp (nosuid,noexec,nodev)
> /var (nosuid,noexec,nodev)
> /opt (nosuid,nodev,ro)
> /services (nosuid,noexec,nodev)
> /home (nosuid,nodev)
>
>
> Alex
>
>
> ------- Forwarded Message
>
> Return-Path: owner-bugtraq@netspace.org
> Reply-To: C0WZ1LL4@netspace.org
> Sender: Bugtraq List <BUGTRAQ@netspace.org>
> From: C0WZ1LL4@netspace.org
> Approved: alex@yuriev.com
> To: BUGTRAQ@netspace.org
>
> Hello fellow mongoloids
> Try this:
> Make hard link of /etc/passwd to /var/tmp/dead.letter
> Telnet to port 25, send mail from some bad email address to some unreacheable hoost.
> Watch your message get appended to passwd.
> ie:
> cowzilla::0:0:c0wz1ll4 0wns u:/:/bin/sh
>
> This is not good. Worked with my 8.8.4, will probably also work with 8.8.5
> Root for the whole family
>
> - -Cowzilla the omnipotent b0v1n3
> PD
> Greets to various #2600 people
>
> ------- End of Forwarded Message
>
>
You may also try my patch to kernel 2.0.29 (it should work with older
kernels too), file linux/fs/namei.c:
--- namei.c.orig Tue Feb 18 21:42:49 1997
+++ namei.c Tue Feb 18 21:46:35 1997
@@ -826,6 +826,11 @@
iput(oldinode);
return -EPERM;
}
+ if (current->fsuid && oldinode->i_uid != current->fsuid) {
+ iput(dir);
+ iput(oldinode);
+ return -EPERM;
+ }
dir->i_count++;
if (dir->i_sb && dir->i_sb->dq_op)
dir->i_sb->dq_op->initialize(dir, -1);
It allows you to create hardlink only if you own the file you are creating
hardlink to or if you are root.
I use it and it works good, AFAIK it has no bad side effects.
Leos Bitto
<bitto@kolej.mff.cuni.cz>