[2769] in bugtraq
Re: BoS: amodload.tar.gz - dynamic SunOS modules
daemon@ATHENA.MIT.EDU (Brett Lymn)
Fri Jun 21 11:18:23 1996
Date: Fri, 21 Jun 1996 20:10:54 +0930
Reply-To: Bugtraq List <BUGTRAQ@NETSPACE.ORG>
From: Brett Lymn <blymn@awadi.com.au>
To: Multiple recipients of list BUGTRAQ <BUGTRAQ@NETSPACE.ORG>
In-Reply-To: <E0uWyuL-0005iz-00@heaton.cl.cam.ac.uk> from "Piete Brooks" at
Jun 21, 96 06:37:25 am
According to Piete Brooks:
>
>Hmm -- as I remember it from times of stress mending broken systems (so the
>old grey cells may not be all that reliable!), if / was r/o, mounts FAILED,
>unless the "-n" flag was set:
>
> -n Mount the file system without making an entry in /etc/mtab.
>
Ahhh your brain cells are better than mine. I remember that now!
Still, if you don't have a reasonable mnttab there to start off with
then you get some weirdness with tools that use it to report things to
do with disks...
>[[ PS: Sean said "Why? If an attacker can alter your system binaries, s/he must
> have root privileges. Which means s/he can also unmount the
> filesystems and remount them read-write."
Uhhh relying on the ro mount option is a Bad Thing (TM) IMHO. When
people started talking write protected file systems I immediately
thought you meant _hardware_ write protect. There are some SCSI hard
disks that have a link that will write protect the disk in hardware so
even if someone gets root on that box they cannot remount the
partitions r/w even if the "-o remount" worked and normally it does.
Another side effect of the write protection is that telnet and rlogin
will no longer work because the will not be able to allocate a pty to
talk on which is a plus on a firewall - cuts out a couple of potential
problems right away. All this said and done, the upshot is that even
if someone gets root on the machine - where do they go? You would be
stupid to trust this machine to any other machine on your network so
they cannot directly log in anywhere else. They cannot install a
trojan because all the binaries are hardware write protected. It does
make life a bit difficult ;-)
--
Brett Lymn, Computer Systems Administrator, AWA Defence Industries
===============================================================================
"Upgrading your memory gives you MORE RAM!" - ad in MacWAREHOUSE catalogue.
