Re: Amanda multiple vendor local root compromises

From: Rob (capvegat_private)
Date: Mon Nov 01 1999 - 16:24:09 PST

Next message: vendicatorat_private: ""Function pointer" attacks."

Previous message: Jay Schimke: "Microsoft/CERT IIS ODBC/RDS/IIS Advisory (MS98-004)"
Next in thread: Alexandre Oliva: "Re: Amanda multiple vendor local root compromises"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

>Amanda's "runtar" program, suid root by default on FreeBSD 3.3, calls
>/usr/bin/tar and passes all args given to runtar to this program. Tar is

FWIW, runtar does not need to be suid root if the amanda user (defaults to
user "amanda") has read access to the raw disks.  This is typically
accomplished
by adding amanda to which ever group owns the disks.  This doesn't fix the
buffer overflow problem in tar, but it is a decent work around.

Of course, it would be better if setuid root were not the default
configuration :(


- Rob
.

Next message: vendicatorat_private: ""Function pointer" attacks."
Previous message: Jay Schimke: "Microsoft/CERT IIS ODBC/RDS/IIS Advisory (MS98-004)"
Next in thread: Alexandre Oliva: "Re: Amanda multiple vendor local root compromises"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 15:09:23 PDT