Reading read-protected devices in *BSD

From: Hubert Feyrer (feyrerat_private-REGENSBURG.DE)
Date: Sun Sep 06 1998 - 06:52:05 PDT

Next message: Seth David Schoen: "Re: sshd exploit?"

Previous message: Lethan: "Re: Windows File Share Scanner"
Next in thread: Todd C. Miller: "Re: Reading read-protected devices in *BSD"
Reply: Todd C. Miller: "Re: Reading read-protected devices in *BSD"
Reply: Eivind Eklund: "Re: Reading read-protected devices in *BSD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

In {Free,Net,Open}BSD, any user can mount a filesystem as long as he owns
the mountpoint, and has appropriate access to the device to mount from.
Almost! For the cd9660 filesystem (and at least on NetBSD, the filecorefs)
this second check was not performed, and any user was able to and access a
CDROM whether /dev/cd0a was accessible to him or not.

This was fixed in NetBSD on 19980905 by Charles Hannum, the problem is
still present in Free- and OpenBSD as of the time of this writing.


 - Hubert

--
Hubert Feyrer <hubert.feyrerat_private-regensburg.de>

Next message: Seth David Schoen: "Re: sshd exploit?"
Previous message: Lethan: "Re: Windows File Share Scanner"
Next in thread: Todd C. Miller: "Re: Reading read-protected devices in *BSD"
Reply: Todd C. Miller: "Re: Reading read-protected devices in *BSD"
Reply: Eivind Eklund: "Re: Reading read-protected devices in *BSD"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:15:11 PDT