[prev in list] [next in list] [prev in thread] [next in thread] 

List:       freebsd-security
Subject:    Re: HP automountd security bulletin (fwd)
From:       Cy Schubert - ITSD Open Systems Group <Cy.Schubert () uumail ! gov ! bc ! ca>
Date:       1999-10-27 1:58:03
[Download RAW message or body]

In message <Pine.LNX.3.96.991026174725.25403D-100000@petra.hos.u-szeged.hu>, Ad
am Szilveszter writes:
> Hi!
> 
> I am not an expert but I would like to ask if we are vulnerable to this
> amd problem I got news about the other day...

I would think that amd could be vulnerable because it supports 
program filesystem (type:=program).  This is not exactly the same as 
automountd's executable maps, but I suspect it could be exploited in 
some way because amd executes an external program to actually perform 
mounts/unmounts.  The following amd patch disables program maps.

--- src/usr.sbin/amd/include/config.h.orig	Sun Aug 29 08:39:16 1999
+++ src/usr.sbin/amd/include/config.h	Mon Oct 25 23:42:20 1999
@@ -35,7 +35,7 @@
 #define HAVE_AM_FS_INHERIT 1
 
 /* Define if have program filesystem */
-#define HAVE_AM_FS_PROGRAM 1
+/* #undef HAVE_AM_FS_PROGRAM */
 
 /* Define if have symbolic-link filesystem */
 #define HAVE_AM_FS_LINK 1


Regards,                       Phone:  (250)387-8437
Cy Schubert                      Fax:  (250)387-5766
Sun/DEC Team, UNIX Group    Internet:  Cy.Schubert@uumail.gov.bc.ca
ITSD                                   Cy.Schubert@gems8.gov.bc.ca
Province of BC
                      "e**(i*pi)+1=0"




To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-security" in the body of the message

[prev in list] [next in list] [prev in thread] [next in thread]