[OpenAFS] Re: [OpenAFS-announce] OpenAFS Security Advisory 2007-001: privilege escalation in Unix-based clients

ted creedon tcreedon@easystreet.com
Wed, 21 Mar 2007 10:41:12 -0700


The types of binaries usually kept in a user's directory would be executed
with a valid token?

-----Original Message-----
From: openafs-info-admin@openafs.org [mailto:openafs-info-admin@openafs.org]
On Behalf Of Derek Atkins
Sent: Wednesday, March 21, 2007 10:35 AM
To: Derrick J Brashear
Cc: ted creedon; openafs-info@openafs.org
Subject: RE: [OpenAFS] Re: [OpenAFS-announce] OpenAFS Security
Advisory2007-001: privilege escalation in Unix-based clients

Quoting Derrick J Brashear <shadow@dementia.org>:

> On Wed, 21 Mar 2007, ted creedon wrote:
>
>> Therefore, two cells could be used, one suid and the other for everything
>> else?
>
> You could, but that's not going to prevent the attack unless you 
> ensure all access to the setuid cell is authenticated and enforce 
> that at the client end

Well, if everything in the suidcell is system:authuser...  That would
enforce that, right?

-derek

-- 
       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available
