STEINKEL%CAR1@leav-emh.army.mil (02/17/91)
From: LELAND STEINKE, 242-4633
Subject: Slashes in filenames?

I must have missed something...

If the prohibition on slashes in filenames is enforced by the kernel, how
the bleep does NFS get them in there?

If *IX were as modular, well, structured, well, well-behaved as it were
supposed to be, shouldn't these things never happen, whether or not there is
an exactly appropriate error code for it?

Leland J. Steinke, Programmer/Analyst
U.S. Army War College, Carlisle, PA 17013
* we make your life difficult, so you won't have to.
* my Uncle isn't being represented by me right now...

thurlow@convex.com (Robert Thurlow) (02/17/91)
In <26038@adm.brl.mil> STEINKEL%CAR1@leav-emh.army.mil writes:

>If the prohibition on slashes in filenames is enforced by the kernel, how
>the bleep does NFS get them in there?

The NFS server on BSD/Sun systems is implemented as a module that calls
virtual file system (VFS) operations directly; the VFS is a layer below
the system call interface. Since many of the old, inviolable firewalls
are implemented at the system call level, they had to be duplicated in
the NFS server logic. Sun's initial implementation didn't catch a number
of these, and neither Sun nor the industry as a whole has kept up with
closing them as soon as they were found. The slash issue is old news;
other things like the server permitting mknod()s by non-root users are
still being found. One of the things that makes it tougher is the fact
that Unix clients can't send you such a request, since they still have
the firewall in the syscall.

Rob T
--
Rob Thurlow, thurlow@convex.com
An employee and not a spokesman for Convex Computer Corp., Dallas, TX

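[Added example, not part of the thread and not code from any NFS implementation: a simplified C model of the two checks named in the post above (slashes in names, device creation by non-root), as a server entry point has to repeat them because it sits below the system call layer. The request struct, the enums and the function names are hypothetical; the 255-byte limit is the NFSv2 maximum name length.]

```c
#include <stddef.h>
#include <string.h>

#define MAX_NAME_LEN 255  /* NFSv2 filename limit */

enum file_type { FT_REG, FT_DIR, FT_CHR, FT_BLK };
enum verdict { REQ_OK, REQ_BAD_NAME, REQ_NAME_TOO_LONG, REQ_NOT_PERMITTED };

/* Hypothetical decoded create request. The name arrives as a counted
 * string, so it can hold any byte, including '/' and NUL. */
struct create_req {
    const char    *name;
    size_t         name_len;
    enum file_type type;
    unsigned int   uid;   /* caller's uid from the request credentials */
};

/* The name must be exactly one path component. */
enum verdict check_component(const char *name, size_t len)
{
    if (len == 0)
        return REQ_BAD_NAME;
    if (len > MAX_NAME_LEN)
        return REQ_NAME_TOO_LONG;
    if (memchr(name, '/', len) != NULL || memchr(name, '\0', len) != NULL)
        return REQ_BAD_NAME;
    if ((len == 1 && name[0] == '.') ||
        (len == 2 && name[0] == '.' && name[1] == '.'))
        return REQ_BAD_NAME;
    return REQ_OK;
}

/* Run before the request is passed down to the file system layer. */
enum verdict check_create(const struct create_req *req)
{
    enum verdict v = check_component(req->name, req->name_len);
    if (v != REQ_OK)
        return v;
    /* Device nodes may only be created by uid 0, as mknod() requires. */
    if ((req->type == FT_CHR || req->type == FT_BLK) && req->uid != 0)
        return REQ_NOT_PERMITTED;
    return REQ_OK;
}
```
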
gwyn@smoke.brl.mil (Doug Gwyn) (02/18/91)
In article <thurlow.666756073@convex.convex.com> thurlow@convex.com (Robert Thurlow) writes:
>... other things like the server permitting mknod()s by non-root
>users are still being found.

Oooh, this is bad news indeed. If exploited, it basically completely
circumvents all UNIX security features.

rbj@uunet.UU.NET (Root Boy Jim) (02/20/91)
In article <15236@smoke.brl.mil> gwyn@smoke.brl.mil (Doug Gwyn) writes:
?In article <thurlow.666756073@convex.convex.com> thurlow@convex.com (Robert Thurlow) writes:
?>... other things like the server permitting mknod()s by non-root
?>users are still being found.
?
?Oooh, this is bad news indeed. If exploited, it basically completely
?circumvents all UNIX security features.

Well, Doug, let me say it for/with you: NFS is a crock.

Remember when "NFS didn't do devices"? Now it does. The wrong way.

If I have a di?kless workstation (and friends, in spite of all my
previous howling, I do), guess where my devices are? On the SERVER's
disk! So my requests for devices on IT's disk refer to MY machine!
Are we having fun yet?

The mknod bug has been fixed. However, if you can get a user
account on someone's machine and get them to mount your disk...

Guy Harris wants "nosuid" to also mean "nodev" as well.
--
[rbj@uunet 1] stty sane
unknown mode: sane

tchrist@convex.COM (Tom Christiansen) (02/20/91)
From the keyboard of rbj@uunet.UU.NET (Root Boy Jim):
:The mknod bug has been fixed. However, if you can get a user
:account on someone's machine and get them to mount your disk...

:Guy Harris wants "nosuid" to also mean "nodev" as well.

As do I; in fact, I mentioned this solution (actually, I requested a
"nospecial") in my original CERT report on this. Unfortunately, Sun
didn't do this. They also haven't issued a notice to people who might
be using it, like their OEMs. After all, it's "fixed" in 4.1; sigh.

--tom
--
Tom Christiansen tchrist@convex.com convex!tchrist
"All things are possible, but not all expedient." (in life, UNIX, and perl)

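[Added example, not part of the thread: a small C audit for the client-side mitigation discussed in the posts above, flagging NFS mounts that lack `nosuid` or `nodev`. It goes beyond the 1991 systems in the thread by assuming the Linux /proc/mounts line format and Linux option names; the function names and the sample lines are constructed for illustration.]

```c
#include <stdio.h>
#include <string.h>

#define MISSING_NOSUID 1
#define MISSING_NODEV  2

/* Return 1 if opt appears as a whole token in a comma-separated list. */
static int has_option(const char *opts, const char *opt)
{
    size_t want = strlen(opt);
    while (*opts != '\0') {
        size_t len = strcspn(opts, ",");
        if (len == want && strncmp(opts, opt, len) == 0)
            return 1;
        opts += len;
        if (*opts == ',')
            opts++;
    }
    return 0;
}

/* Take one line in /proc/mounts format and return a bitmask of the
 * hardening options an NFS mount lacks (0 for non-NFS lines). */
int audit_mount_line(const char *line)
{
    char dev[256], dir[256], type[64], opts[512];
    int missing = 0;
    if (sscanf(line, "%255s %255s %63s %511s", dev, dir, type, opts) != 4)
        return 0;
    if (strcmp(type, "nfs") != 0 && strcmp(type, "nfs4") != 0)
        return 0;
    if (!has_option(opts, "nosuid"))
        missing |= MISSING_NOSUID;
    if (!has_option(opts, "nodev"))
        missing |= MISSING_NODEV;
    return missing;
}

int main(void)
{
    /* Constructed sample lines, not taken from a real system. */
    const char *sample[] = {
        "fs.example:/export/home /home nfs4 rw,relatime,vers=4.2 0 0",
        "fs.example:/export/tools /opt/tools nfs rw,nosuid,nodev,vers=3 0 0",
    };
    for (size_t i = 0; i < sizeof sample / sizeof sample[0]; i++)
        printf("%d %s\n", audit_mount_line(sample[i]), sample[i]);
    return 0;
}
```
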
mjr@hussar.dco.dec.com (Marcus J. Ranum) (02/22/91)
rbj@uunet.UU.NET (Root Boy Jim) writes:
>Remember when "NFS didn't do devices"? Now it does. The wrong way.

Is there a right way? If NFS-mounted devices major and minors
were not interpreted as special on the client, then diskless nodes would
have a certain amount of trouble accessing stuff through /dev. I suppose
some kind of flag in the mount to indicate whether major/minor
interpretation should be done locally or on the remote machine would
work, but it wouldn't handle NFS' "stateless" model when dealing with
tape drives, for example. Would the tape drive (if the rewind device)
rewind after every write? I forget.

Basically NFS is a de facto standard kludge. It's also a kludge
that lets a lot of people get what they want done fairly easily, and it's
hard to argue against that.

mjr.

peter@ficc.ferranti.com (Peter da Silva) (02/26/91)
In article <1991Feb22.141910.17013@decuac.dec.com> mjr@hussar.dco.dec.com (Marcus J. Ranum) writes:
> Basically NFS is a de facto standard kludge. It's also a kludge
> that lets a lot of people get what they want done fairly easily, and it's
> hard to argue against that.

Yeh, you have to point to better solutions that actually work. What a
crock, to imagine that because something's a "standard" you have to put
up with it.

Intel's "OpenNET" software provides sufficiently transparent remote file
access that people are surprised when their shared memory files don't work
over the network.
--
Peter da Silva. `-_-' peter@ferranti.com
+1 713 274 5180. 'U` "Have you hugged your wolf today?"

mouse@thunder.mcrcim.mcgill.edu (der Mouse) (05/13/91)
In article <26038@adm.brl.mil>, l2!adm!news writes:
> From: LELAND STEINKE, 242-4633

> I must have missed something...

> If the prohibition on slashes in filenames is enforced by the kernel,
> how the bleep does NFS get them in there?

Because the NFS server is hooked into the filesystem below that check.

> If *IX were as modular, well, structured, well, well-behaved as it
> were supposed to be, shouldn't these things never happen, [...]?

Right. If the world were perfect there'd be no problems.

der Mouse

old: mcgill-vision!mouse
new: mouse@larry.mcrcim.mcgill.edu