Skip site navigation (1)Skip section navigation (2) 
Date:      Mon, 24 Jul 2000 11:27:42 -0400
From:      Thomas Stromberg <tstromberg@rtci.com>
To:        Paul Hart <hart@iserver.com>
Cc:        freebsd-security@FreeBSD.ORG
Subject:   Re: Status of FreeBSD security work? Audit, regression and cryptoswap?
Message-ID:  <397C606E.131A5CAE@rtci.com>
References:  <Pine.BSF.4.21.0007231906050.32554-100000@anchovy.orem.iserver.com>
next in thread | previous in thread | raw e-mail | index | archive | help 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Paul Hart wrote:
> One other bad thing about using CFS for a home directory is the fact that
> cdetach cannot make distinctions about whether it is the owner of the CFS
> mount who is detaching it.  As long as you know the name of the mount you
> can detach mounts belonging to other people.  Since your home directory
> needs to be a fixed (and well-known) path name, you can become vulnerable
> to a lame variety of denial-of-service attack against your account.
>
> Paul Hart

What we did here for the cfs security disk script was:

$target = sprintf("/crypt/.%lx", int(rand(999999)));

Which provides a relatively randomized mountpoint which lies only in the
knowledge of cfsd and the perl script. I also take advantage of the cfs
feature which hides directories starting with a .

This of course is by no means perfect, but it was secure enough for our
requirements.

However, if you wanted to make use of this as a home directory, you'd
have
to symlink to it (what I did), which would publicize the mountpoint.

<mindlessbabble>
Though I guess some wierd antics can be done by changing the $HOME
variable. ps -e will still find it however, and not all software
respects
$HOME. One could also dynamically modify their getpwent() info, and
store
it in a privatized location (nss-ldap anyone?).. This however is pure
and
utter insanity :) It'd be much easier to mod the cfs code.
</mindlessbabble>

I'd love to see tcfs ported to FreeBSD, maybe it will alleviate some of
the
hackery.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.0.2 (FreeBSD)
Comment: For info see http://www.gnupg.org

iD8DBQE5fGAyoyBzPESpFVQRAgm8AKCdQMn2G8LYeLWRdlh9a8SqWlKexwCfZ7ZO
5xlhcMn/OIY9vwNUBx+PZRI=
=fqqB
-----END PGP SIGNATURE-----

-- 
thomas r. stromberg                :               tstromberg@rtci.com
senior systems administrator       :      http://www.afterthought.org/
research triangle commerce, inc.   :                    1.919.657.1317


To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?397C606E.131A5CAE>