[1626] in bugtraq
Re: nfs_mount in AIX
daemon@ATHENA.MIT.EDU (Andrew Dawson)
Thu Apr 27 07:10:31 1995
From: Andrew Dawson <ccaaand@ucl.ac.uk>
Date: Thu, 27 Apr 1995 09:04:53 +0100
Reply-To: ccaaand@ucl.ac.uk
To: bugtraq@fc.net
>I don't have access to AIX, so I can't read the vmount() docs, so this
>may be a non-issue...but unless it enforces "nosuid,nodev" for non-root
>mounts, there are much greater problems - like someone mounting a
>filesystem providing suid executables, or device special files with
>permissive mode bits.

According to the vmount() documentation in Info-Explorer here (AIX 3.2.5):

"A mount to a directory or a file can be issued if the user has both of the
following:
- Search permission to the directory or file to mount
- Search and write permission to the directory or file to mount over.
To mount a block device, remote file, or remote directory, the calling process
must also have root user authority."

>(Note that if, as the first message implies,
>vmount() allows the mounting of a daemon on a directory, then these
>executables and/or special files do not have to actually exist
>anywhere; root access on another machine is not needed.)

I'm not sure I understand exactly what you mean by "mounting of a daemon on a
directory", but it sounds like what IBM would refer to as writing your own
"virtual file system helper". In AIX, entries for these have to be added to
/etc/vfs, which shouldn't be writeable by normal users.

Andrew.
--
+-----------------------------------------------------------------------------+
| Andrew Dawson, Systems Integration Section, Operating Systems Group |
| Information Systems Division, University College London |
+-----------------------------------------------------------------------------+
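
The reply above rests on /etc/vfs not being writable by normal users. The following is an added example, not part of the original message and not IBM code: a POSIX shell audit of the table and the helper programs it names. The function names audit_vfs and loose_perms are hypothetical, and the entry layout (name, vfs number, mount helper, filesystem helper, with "none" for no helper) is an assumption stated in the comments.

```shell
#!/bin/sh
# Added example: audit an AIX-style vfs table and the helper programs it names.
# Assumed entry layout:  name  vfs_number  mount_helper  filesystem_helper
# Lines starting with '#' are comments; lines starting with '%' are control
# lines. "none" means no helper. Any further fields on a line are ignored.

# loose_perms PATH: report PATH and return 1 if group or other may write to it.
loose_perms() {
    if [ -n "$(find "$1" -prune \( -perm -020 -o -perm -002 \) -print 2>/dev/null)" ]; then
        echo "writable by group/other: $1"
        return 1
    fi
    return 0
}

# audit_vfs FILE: return 0 when the table and every helper it names are not
# writable by group/other, 1 when something is loose or a helper is missing.
audit_vfs() {
    vfs=$1
    rc=0
    [ -f "$vfs" ] || { echo "missing: $vfs"; return 1; }
    loose_perms "$vfs" || rc=1
    while read -r name num mnt fs rest; do
        case $name in
            ''|'#'*|'%'*) continue ;;      # blank, comment or control line
        esac
        for helper in "$mnt" "$fs"; do
            case $helper in
                ''|none) continue ;;       # entry has no helper in this slot
            esac
            if [ ! -e "$helper" ]; then
                echo "helper for $name not found: $helper"
                rc=1
            else
                loose_perms "$helper" || rc=1
            fi
        done
    done < "$vfs"
    return $rc
}
```

Run it as `audit_vfs /etc/vfs`; it does not check ownership, so a helper owned by a non-root user with mode 755 still passes.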