[1607] in bugtraq
nfs_mount in AIX
daemon@ATHENA.MIT.EDU (rick@msc.cornell.edu)
Tue Apr 25 19:03:06 1995
From: rick@msc.cornell.edu
Reply-To: rick@msc.cornell.edu
X-Originated-From: hannah.msc.cornell.edu
To: bugtraq@fc.net
Date: Tue, 25 Apr 1995 17:05:15 -0400 (EDT)
It appears that the completely undocumented routine 'nfs_mount' can be
used by a non-root user to mount a daemon on a directory ala NFS. It
seems to me that this is a very nasty security hole.
I can't offer more details since, as I said, the routine is completely
undocumented, and the only working example I have is in a piece of
third-party software to which I do not have source.
I would appreciate it if someone could shed some light on this.
-Rick
--
|Rick Cochran 607-255-7223|
|Cornell Materials Science Center rick@msc.cornell.edu|
|E20 Clark Hall, Ithaca, N.Y. 14853 cornell!msc.cornell.edu!rick|
| "Workstations - I bet you can't eat just one!" |
