[15] in linux-security and linux-alert archive
NFS server
daemon@ATHENA.MIT.EDU (Olaf Kirch)
Mon Mar 6 15:11:06 1995
From: okir@monad.swb.de (Olaf Kirch)
To: linux-security@tarsier.cv.nrao.edu
Date: Mon, 6 Mar 1995 20:44:07 +0100 (MET)
Reply-To: linux-security@tarsier.cv.nrao.edu
Hello everyone,
First off, let me say I'm sorry I sent out this NFS-server posting to the
alert list. This is not the way I intend to do things; I was just up to my
ears in over a thousand of majordomo mails so I failed to notice.
I checked out the nfs stuff today, and now I'm not so sure that this has
actually been fixed already. I poked around a couple of FTP sites, and the
newest version of the server I found was version 2.0 of dec 93. Another
indication no-one has actually done this is that the setfsuid call is
not part of libc-4.5.27.
I'll see if I can put together a patch tonight for this and upload a
new server to some site. I'll also put in the root_squash fix posted
recently. While we're at it, are there any other known holes?
Regards,
Olaf
--
Olaf Kirch | --- o --- Nous sommes du soleil we love when we play
okir@monad.swb.de | / | \ sol.dhoop.naytheet.ah kin.ir.samse.qurax
