[OpenAFS] Re: [OpenAFS-announce] OpenAFS Security Advisory 2007-001: privilege escalation in Unix-based clients
Fri, 23 Mar 2007 07:45:49 -0600
I'm still wondering if
a. Removing system:anyuser from ACLs will prevent this privilege escalation
b. Removing system:anyuser from ACLs except "system:anyuser l" will
prevent the privilege escalation (i.e. the only occurrence of
system:anyuser is with l permission)
Any definitive conclusions?
Kim Kimball wrote:
> Yes, but I thought this depended on a file in the cache that had been
> retrieved over an unauthenticated connection.
> Lookup won't put a file in the cache.
> Jeffrey Altman wrote:
>> Kim Kimball wrote:
>>> If I abandon use of system:anyuser, except for lookup, does that get
>>> the job done?
>>> It seems to me that this forces all connections capable of fetching
>>> to be authenticated. If I'm reading the alert correctly, this would
>>> prevent the FetchStatus exploit?
>> Lookup is performed via FetchStatus
>> Jeffrey Altman
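The thread leaves open whether restricting system:anyuser to lookup ("l") helps, but an administrator considering option (b) first needs to know where system:anyuser currently holds more than "l". The helper below is an added example, not code from the thread or from OpenAFS: flag_anyuser_rights parses the output of the real `fs listacl` command read on stdin, and audit_tree (a hypothetical name) walks a directory tree with it, assuming the OpenAFS `fs` binary is on PATH.

```shell
#!/bin/sh
# Added example (not from the thread or OpenAFS). Reads `fs listacl` output
# on stdin and prints every system:anyuser entry in the "Normal rights:"
# section whose rights are anything other than exactly "l" (lookup).
flag_anyuser_rights() {
    # fs listacl prints "Normal rights:" followed by "  <principal> <rights>"
    # lines, optionally followed by "Negative rights:" and more entries.
    # Negative entries are skipped: they remove rights rather than grant them.
    awk '
        /^Negative rights:/ { negative = 1; next }
        /^Normal rights:/   { negative = 0; next }
        negative == 0 && $1 == "system:anyuser" && $2 != "l" { print $1, $2 }
    '
}

# Hypothetical audit helper: report each directory under $1 whose ACL
# grants system:anyuser more than lookup. Requires the OpenAFS fs command.
audit_tree() {
    find "$1" -type d 2>/dev/null | while read -r dir; do
        hits=$(fs listacl "$dir" 2>/dev/null | flag_anyuser_rights)
        if [ -n "$hits" ]; then
            printf '%s: %s\n' "$dir" "$hits"
        fi
    done
}
```

Run it as `audit_tree /afs/yourcell` (constructed path) from a shell that has sourced the file; an empty report means every directory already matches option (b) from the message above.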