[12396] in bugtraq
Re: Amanda multiple vendor local root compromises
daemon@ATHENA.MIT.EDU (Rob)
Mon Nov 1 23:44:29 1999
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Message-Id: <199911020024.TAA09553@xor.cs.umd.edu>
Date: Mon, 1 Nov 1999 19:24:09 -0500
Reply-To: Rob <capveg@CS.UMD.EDU>
From: Rob <capveg@CS.UMD.EDU>
X-To: btellier@USA.NET
To: BUGTRAQ@SECURITYFOCUS.COM
In-Reply-To: Your message of "Sat, 30 Oct 1999 23:14:25 MST."
<381BDE3E.D5466143@usa.net>
>Amanda's "runtar" program, suid root by default on FreeBSD 3.3, calls
>/usr/bin/tar and passes all args given to runtar to this program. Tar is
FWIW, runtar does not need to be suid root if the amanda user (defaults to
user "amanda") has read access to the raw disks. This is typically
accomplished
by adding amanda to which ever group owns the disks. This doesn't fix the
buffer overflow problem in tar, but it is a decent work around.
Of course, it would be better if setuid root were not the default
configuration :(
- Rob
.
