Skip site navigation (1)Skip section navigation (2)
Date:      Wed, 12 Feb 1997 10:45:57 -0800 (PST)
From:      John-Mark Gurney <jmg@nike.efn.org>
To:        "Hr.Ladavac" <lada@ws2301.gud.siemens.co.at>
Cc:        freebsd-security@freebsd.org
Subject:   Re: Raw partition access rights
Message-ID:  <Pine.BSF.3.95q.970212104203.24299b-100000@hydrogen.nike.efn.org>
In-Reply-To: <199702121602.AA076933342@ws2301.gud.siemens.co.at>

next in thread | previous in thread | raw e-mail | index | archive | help
On Wed, 12 Feb 1997, Hr.Ladavac wrote:

> Hi all,
> 
> it just occured to me, maybe it's an idiocy, but it might work on
> some boxes.  I did not try it on FreeBSD.
> 
> Assume there is a volume which is not mounted -nodev.
> Assume I create a device node for a raw disk partition.
> Assume that I give this node read and write permissions for me.
> Assume that I have a hacked fsck which can change metadata for chosen
> files on a partition it can read and write.  Metadata such as owner,
> group, mode bits.
> 
> Since I have just created a device special file, I should be able to open
> this raw partition for read and write.  I then let my fsck loose.  You are
> screwed.

yes.. this is possible...

> Tell me this is impossible.  Please :)

well.. you told us to assume that you created the node file... :)  but
under freebsd non-root users can't create node files... so it doesn't work
under freebsd..  for more info see mknod(2)...  ttyl... 

John-Mark

gurney_j@efn.org
http://resnet.uoregon.edu/~gurney_j/
Modem/FAX: (541) 683-6954   (FreeBSD Box)

Live in Peace, destroy Micro$oft, support free software, run FreeBSD (unix)




Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.3.95q.970212104203.24299b-100000>