[7900] in bugtraq


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

Reading read-protected devices in *BSD

daemon@ATHENA.MIT.EDU (Hubert Feyrer)
Sun Sep 6 13:52:08 1998

Date: 	Sun, 6 Sep 1998 15:52:05 +0200
Reply-To: Hubert Feyrer <feyrer@RFHS8012.FH-REGENSBURG.DE>
From: Hubert Feyrer <feyrer@RFHS8012.FH-REGENSBURG.DE>
To: BUGTRAQ@NETSPACE.ORG

In {Free,Net,Open}BSD, any user can mount a filesystem as long as he owns
the mountpoint, and has appropriate access to the device to mount from.
Almost! For the cd9660 filesystem (and at least on NetBSD, the filecorefs)
this second check was not performed, and any user was able to and access a
CDROM whether /dev/cd0a was accessible to him or not.

This was fixed in NetBSD on 19980905 by Charles Hannum, the problem is
still present in Free- and OpenBSD as of the time of this writing.

 - Hubert

--
Hubert Feyrer <hubert.feyrer@rz.uni-regensburg.de>


home	help	back	first	fref	pref	prev	next	nref	lref	last	post

[7900] in bugtraq

Reading read-protected devices in *BSD

daemon@ATHENA.MIT.EDU (Hubert Feyrer)Sun Sep 6 13:52:08 1998

daemon@ATHENA.MIT.EDU (Hubert Feyrer)
Sun Sep 6 13:52:08 1998