Date: Tue, 7 Jan 2003 12:50:04 -0800 (PST) From: Mark <admin@asarian-host.net> To: freebsd-bugs@FreeBSD.org Subject: Re: bin/46838: security vulnerability in dump Message-ID: <200301072050.h07Ko4Kj025064@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
The following reply was made to PR bin/46838; it has been noted by GNATS. From: Mark <admin@asarian-host.net> To: "David Malone" <dwmalone@maths.tcd.ie> Cc: <FreeBSD-gnats-submit@freebsd.org> Subject: Re: bin/46838: security vulnerability in dump Date: Tue, 7 Jan 2003 21:45:10 +0100 ----- Original Message ----- From: "David Malone" <dwmalone@maths.tcd.ie> To: "System Administrator" <root@asarian-host.net> Cc: <FreeBSD-gnats-submit@FreeBSD.org> Sent: Tuesday, January 07, 2003 9:32 PM Subject: Re: bin/46838: security vulnerability in dump > On Tue, Jan 07, 2003 at 09:09:57PM +0100, System Administrator wrote: > > > When dumping to a file, dump writes this file chmod 644. When the > > root-partition is being backed-up, this leaves the dump-file vulnerable > > to scanning by unprivileged users for the duration of the dump. > > I've tested dump in -current, and it creates the file with the mode > dictated by my umask. I believe this is the correct behaviour - if > you want your dumps created with a more restrictive mode I'd suggest > running "umask 077" before running dump. > > I'll close the PR if this explains the problem you are seeing. > > David. I realize running "umask 077" will prevent this problem. But I also believe dump is a special case, as most individual programs do not create world-readable files containing root's view of the filesystem data. Just as the correct permissions on /etc/master.passwd are also not dependent upon root's umask, so dump-files should, imho, not rely on this, hopefully, correctly set external factor. Instead, dump should be safe on its own. - Mark System Administrator Asarian-host.org --- "If you were supposed to understand it, we wouldn't call it code." - FedEx To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-bugs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200301072050.h07Ko4Kj025064>