Date:      Tue, 26 Oct 1999 18:58:03 -0700
From:      Cy Schubert - ITSD Open Systems Group <Cy.Schubert@uumail.gov.bc.ca>
To:        cc@flanker.itl.net.ua
Cc:        freebsd-security@FreeBSD.ORG, sziszi@petra.hos.u-szeged.hu
Subject:   Re: HP automountd security bulletin (fwd) 
Message-ID:  <199910270158.SAA08102@cwsys.cwsent.com>
In-Reply-To: Your message of "Tue, 26 Oct 1999 17:49:26 +0200." <Pine.LNX.3.96.991026174725.25403D-100000@petra.hos.u-szeged.hu>


In message <Pine.LNX.3.96.991026174725.25403D-100000@petra.hos.u-szeged.hu>,
Adam Szilveszter writes:
> Hi!
> 
> I am not an expert but I would like to ask if we are vulnerable to this
> amd problem I got news about the other day...

I would think that amd could be vulnerable because it supports 
program filesystem (type:=program).  This is not exactly the same as 
automountd's executable maps, but I suspect it could be exploited in 
some way because amd executes an external program to actually perform 
mounts/unmounts.  The following amd patch disables program maps.

--- src/usr.sbin/amd/include/config.h.orig	Sun Aug 29 08:39:16 1999
+++ src/usr.sbin/amd/include/config.h	Mon Oct 25 23:42:20 1999
@@ -35,7 +35,7 @@
 #define HAVE_AM_FS_INHERIT 1
 
 /* Define if have program filesystem */
-#define HAVE_AM_FS_PROGRAM 1
+/* #undef HAVE_AM_FS_PROGRAM */
 
 /* Define if have symbolic-link filesystem */
 #define HAVE_AM_FS_LINK 1
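
Review bot: The replacement line "/* #undef HAVE_AM_FS_PROGRAM */" gives no sign that the program filesystem was switched off on purpose. It has the same form a config.h uses for a feature that was simply not detected, and the comment above it still only says "Define if have program filesystem". Add a short comment at that line saying the define is disabled deliberately because amd runs an external program for type:=program mounts, so that nobody restores it while tidying the header. This is also a compile-time switch, so any existing map entry that uses type:=program stops working once the rebuilt amd is installed; the patch description should say so.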


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Sun/DEC Team, UNIX Group    Internet:  Cy.Schubert@uumail.gov.bc.ca
ITSD                                   Cy.Schubert@gems8.gov.bc.ca
Province of BC
                      "e**(i*pi)+1=0"
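
An audit check for the concern raised in the reply above, added here as an example; it is not part of the original message or of amd. It lists the map entries that rely on type:=program, together with the commands amd would run for them, so an administrator can see what the patch would disable. The map contents, paths and function names are constructed, and the parser covers only a simplified subset of amd map syntax.

```python
import re

# Constructed sample amd map, not taken from the original message.
SAMPLE_MAP = r'''
# constructed example map
/defaults  type:=nfs;opts:=rw,nosuid
src        rhost:=fs1;rfs:=/export/src
backup     type:=program;fs:=/mnt/backup;\
           mount:="/usr/local/sbin/bkmount bkmount ${fs}";\
           unmount:="/usr/local/sbin/bkumount bkumount ${fs}"
scratch    type:=link;fs:=/var/tmp
'''

# name:=value pairs; a value is double-quoted or runs to ';' or whitespace
OPTION_RE = re.compile(r'(\w+):=("[^"]*"|[^;\s]*)')

def logical_lines(text):
    """Yield map entries with backslash continuations joined, comments dropped."""
    buf = ""
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#"):
            continue
        if line.endswith("\\"):
            buf += line[:-1].rstrip()
            continue
        yield buf + line
        buf = ""
    if buf:
        yield buf

def find_program_entries(text):
    """Return (key, mount_cmd, unmount_cmd) for entries whose type is program."""
    default_type, hits = None, []
    for entry in logical_lines(text):
        parts = entry.split(None, 1)
        key, rest = parts[0], parts[1] if len(parts) > 1 else ""
        pairs = [(k, v.strip('"')) for k, v in OPTION_RE.findall(rest)]
        opts = dict(pairs)
        if key == "/defaults":
            default_type = opts.get("type")  # inherited by entries with no type
            continue
        # an entry may list several locations; flag it if any of them is program
        types = {v for k, v in pairs if k == "type"} or {default_type}
        if "program" in types:
            hits.append((key, opts.get("mount"), opts.get("unmount")))
    return hits

if __name__ == "__main__":
    for key, mount_cmd, unmount_cmd in find_program_entries(SAMPLE_MAP):
        print(f"{key}: mount={mount_cmd!r} unmount={unmount_cmd!r}")
```

An entry with no type of its own is reported when /defaults sets type:=program, since it inherits that type.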