Date: Wed, 12 Feb 1997 10:45:57 -0800 (PST) From: John-Mark Gurney <jmg@nike.efn.org> To: "Hr.Ladavac" <lada@ws2301.gud.siemens.co.at> Cc: freebsd-security@freebsd.org Subject: Re: Raw partition access rights Message-ID: <Pine.BSF.3.95q.970212104203.24299b-100000@hydrogen.nike.efn.org> In-Reply-To: <199702121602.AA076933342@ws2301.gud.siemens.co.at>
next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 12 Feb 1997, Hr.Ladavac wrote: > Hi all, > > it just occured to me, maybe it's an idiocy, but it might work on > some boxes. I did not try it on FreeBSD. > > Assume there is a volume which is not mounted -nodev. > Assume I create a device node for a raw disk partition. > Assume that I give this node read and write permissions for me. > Assume that I have a hacked fsck which can change metadata for chosen > files on a partition it can read and write. Metadata such as owner, > group, mode bits. > > Since I have just created a device special file, I should be able to open > this raw partition for read and write. I then let my fsck loose. You are > screwed. yes.. this is possible... > Tell me this is impossible. Please :) well.. you told us to assume that you created the node file... :) but under freebsd non-root users can't create node files... so it doesn't work under freebsd.. for more info see mknod(2)... ttyl... John-Mark gurney_j@efn.org http://resnet.uoregon.edu/~gurney_j/ Modem/FAX: (541) 683-6954 (FreeBSD Box) Live in Peace, destroy Micro$oft, support free software, run FreeBSD (unix)
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95q.970212104203.24299b-100000>