[600] in bugtraq
Re: /etc/mnttab and Solaris 2.4
daemon@ATHENA.MIT.EDU (Davide Gaetano)
Sat Jan 7 14:12:13 1995
From: sysdfg@gsusgi1.gsu.edu (Davide Gaetano)
To: Philippe.Langlois@world-net.sct.fr (Philippe Langlois)
Date: Sat, 7 Jan 1995 12:50:21 -0500 (EST)
Cc: bugtraq@fc.net
In-Reply-To: <199501070559.GAA17772@world-net.sct.fr> from "Philippe Langlois" at Jan 7, 95 06:59:42 am
>
> Hi,
>
> Are there some critical programs that use the getmntent(3C) sets of functions?
>
> I ask that because under Solaris 2.4, the /etc/mnttab is like this (666):
> % ll /etc/mnttab
> -rw-rw-rw- 1 root root 409 Jan 6 13:25 /etc/mnttab
Ours is mode 644. It has to be readable for things like df to
work. Only root needs to be able to write to the file, when
mounting file systems, changeing quota, and such.
Note, that atleast on our system, quotaon sets the mode to 600
and this break the df command (and quota -v for the user if
memory serves)
Anyways, 644 should make all the user commands happy, without
letting people muck up the file on you.
>
> The man says:
> The file mnttab resides in /etc and contains information
> about devices that are currently mounted. mnttab is read by
> programs using the routines described in getmntent(3C).
>
> So if there is any critical program using this file, it can be subverted.
> rite?
>
> Phil.
> --
> > Philippe Langlois -- Net & Unix Admin @ World Net, Paris, France. <
> > Email: phil@worldnet.sct.fr "after all, we're all alike!" <
> > Internet Access at high speed in France? --Sure, but with us! <
>
--
Davide Gaetano
sysdfg@gsusgi1.gsu.edu
