Neohapsis is currently accepting applications for employment. For more information, please visit our website www.neohapsis.com or email hr@neohapsis.com

Neohapsis > Archives > Bugtraq> 1995_2

Bugtraq archives for 2nd quarter (Apr-Jun) 1995: nfs_mount in AIX

nfs_mount in AIX

rickmsc.cornell.edu
Tue, 25 Apr 1995 17:05:15 -0400 (EDT)

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Tom Fitzgerald: "Re: nfs_mount in AIX"
Previous message: Jas: "Re: Kerberos availability (Re: NIS)"
Next in thread: Tom Fitzgerald: "Re: nfs_mount in AIX"

It appears that the completely undocumented routine 'nfs_mount' can be
used by a non-root user to mount a daemon on a directory ala NFS.  It
seems to me that this is a very nasty security hole.

I can't offer more details since, as I said, the routine is completely
undocumented, and the only working example I have is in a piece of
third-party software to which I do not have source.

I would appreciate it if someone could shed some light on this.

-Rick

-- 
|Rick Cochran		  				     607-255-7223|
|Cornell Materials Science Center		     rickmsc.cornell.edu|
|E20 Clark Hall, Ithaca, N.Y. 14853	     cornell!msc.cornell.edu!rick|
|	    "Workstations - I bet you can't eat just one!"		 |

Next message: Tom Fitzgerald: "Re: nfs_mount in AIX"
Previous message: Jas: "Re: Kerberos availability (Re: NIS)"
Next in thread: Tom Fitzgerald: "Re: nfs_mount in AIX"