From owner-freebsd-bugs  Tue Jan  7 12:50: 6 2003
Delivered-To: freebsd-bugs@hub.freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id A107C37B401
	for <freebsd-bugs@hub.freebsd.org>; Tue,  7 Jan 2003 12:50:04 -0800 (PST)
Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 5282F43E4A
	for <freebsd-bugs@hub.freebsd.org>; Tue,  7 Jan 2003 12:50:04 -0800 (PST)
	(envelope-from gnats@FreeBSD.org)
Received: from freefall.freebsd.org (gnats@localhost [127.0.0.1])
	by freefall.freebsd.org (8.12.6/8.12.6) with ESMTP id h07Ko4NS025065
	for <freebsd-bugs@freefall.freebsd.org>; Tue, 7 Jan 2003 12:50:04 -0800 (PST)
	(envelope-from gnats@freefall.freebsd.org)
Received: (from gnats@localhost)
	by freefall.freebsd.org (8.12.6/8.12.6/Submit) id h07Ko4Kj025064;
	Tue, 7 Jan 2003 12:50:04 -0800 (PST)
Date: Tue, 7 Jan 2003 12:50:04 -0800 (PST)
Message-Id: <200301072050.h07Ko4Kj025064@freefall.freebsd.org>
To: freebsd-bugs@FreeBSD.org
Cc: 
From: Mark <admin@asarian-host.net>
Subject: Re: bin/46838: security vulnerability in dump
Reply-To: Mark <admin@asarian-host.net>
Sender: owner-freebsd-bugs@FreeBSD.ORG
Precedence: bulk
List-ID: <freebsd-bugs.FreeBSD.ORG>
List-Archive: <http://docs.freebsd.org/mail/> (Web Archive)
List-Help: <mailto:majordomo@FreeBSD.ORG?subject=help> (List Instructions)
List-Subscribe: <mailto:majordomo@FreeBSD.ORG?subject=subscribe%20freebsd-bugs>
List-Unsubscribe: <mailto:majordomo@FreeBSD.ORG?subject=unsubscribe%20freebsd-bugs>
X-Loop: FreeBSD.org

The following reply was made to PR bin/46838; it has been noted by GNATS.

From: Mark <admin@asarian-host.net>
To: "David Malone" <dwmalone@maths.tcd.ie>
Cc: <FreeBSD-gnats-submit@freebsd.org>
Subject: Re: bin/46838: security vulnerability in dump
Date: Tue, 7 Jan 2003 21:45:10 +0100

 ----- Original Message -----
 From: "David Malone" <dwmalone@maths.tcd.ie>
 To: "System Administrator" <root@asarian-host.net>
 Cc: <FreeBSD-gnats-submit@FreeBSD.org>
 Sent: Tuesday, January 07, 2003 9:32 PM
 Subject: Re: bin/46838: security vulnerability in dump
 
 > On Tue, Jan 07, 2003 at 09:09:57PM +0100, System Administrator wrote:
 >
 > > When dumping to a file, dump writes this file chmod 644. When the
 > > root-partition is being backed-up, this leaves the dump-file vulnerable
 > > to scanning by unprivileged users for the duration of the dump.
 >
 > I've tested dump in -current, and it creates the file with the mode
 > dictated by my umask. I believe this is the correct behaviour - if
 > you want your dumps created with a more restrictive mode I'd suggest
 > running "umask 077" before running dump.
 >
 > I'll close the PR if this explains the problem you are seeing.
 >
 > David.
 
 I realize running "umask 077" will prevent this problem. But I also believe
 dump is a special case, as most individual programs do not create
 world-readable files containing root's view of the filesystem data.
 
 Just as the correct permissions on /etc/master.passwd are also not dependent
 upon root's umask, so dump-files should, imho, not rely on this, hopefully,
 correctly set external factor. Instead, dump should be safe on its own.
 
 - Mark
 
         System Administrator Asarian-host.org
 
 ---
 "If you were supposed to understand it,
 we wouldn't call it code." - FedEx
 

To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-bugs" in the body of the message