[10379] in bugtraq
Network Appliance NFS filer root hole
daemon@ATHENA.MIT.EDU (Pete Ashdown)
Wed Apr 28 15:55:03 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=US-ASCII
Content-Transfer-Encoding: 7bit
Message-Id: <199904281658.KAA14944@slack.xmission.com>
Date: Wed, 28 Apr 1999 10:58:54 -0600
Reply-To: Pete Ashdown <pashdown@XMISSION.COM>
From: Pete Ashdown <pashdown@XMISSION.COM>
To: BUGTRAQ@NETSPACE.ORG
For Network Appliance NFS filer release:
NetApp Release 5.2.1: Thu Dec 31 12:56:45 PST 1998
Following "Example 1" on page 136 of the "System Administrator's Guide" for
the Network Appliance results in a gaping hole. In this example, they
explain that "the following line exports the root directory of the default
filter volume to the administration host with root privileges."
/vol/vol0 -root=adminhost
This is all fine and good, but it also exports to the WORLD with root
privileges. You have to specify either "-access", or "-rw", or "-ro" in
addition to "-root" for this not to happen. When I mentioned this to my
NetApp SE, I was met with quizzical looks, but no code-update or patch.
Thusly, I sent it to bugtraq.
