fbraab@leuze-owen.de (Fritz B. Raab) (08/14/90)
Does somebody know if there is a patch available for the PC/NFS 3.0.1 setuid/setgid bug ? PC/NFS does not recognize that a parent directory has s-bits. Thus, a new made directory (with md in DOS) has wrong group id. To avoid this, I use 'rsh host mkdir path' at the moment, but thats not nice... (-: Fritz B. Raab | email: fbraab@leuze-owen.de :-) (-: Leuze electronic, Abt. TDV | old: ..uunet!unido!leuze!fbraab :-) (-: In der Braike 1 | fbraab@leuze.uucp :-) (-: D7311 Owen / Teck W.Germany | voice: +49 7021 573185 fax: 573200 :-)
geoff@hinode.East.Sun.COM (Geoff Arnold @ Sun BOS - R.H. coast near the top) (08/14/90)
Quoth fbraab@leuze-owen.de (Fritz B. Raab) (in <1471@leuze-owen.de>): # #Does somebody know if there is a patch available for the PC/NFS 3.0.1 #setuid/setgid bug ? #PC/NFS does not recognize that a parent directory has s-bits. Thus, a #new made directory (with md in DOS) has wrong group id. To avoid this, #I use 'rsh host mkdir path' at the moment, but thats not nice... Unfortunately it's not really patchable. It will be fixed in the next release, which may or may not be a consolation... -- Geoff Arnold, PC-NFS architect, Sun Microsystems. (geoff@East.Sun.COM) -- ** Back in the USA after a month in England. Most memorable scene: visiting ** ** the "Duke Humfrey" library (part of the Bodleian in Oxford): wonderful ** ** 15th century ceiling, incanabulae and desks, the latter with PCs on... **
fbraab@leuze.UUCP (Fritz B. Raab) (08/16/90)
geoff@hinode.East.Sun.COM (Geoff Arnold @ Sun BOS - R.H. coast near the top) writes: >Quoth fbraab@leuze-owen.de (Fritz B. Raab) (in <1471@leuze-owen.de>): ># >#Does somebody know if there is a patch available for the PC/NFS 3.0.1 >#setuid/setgid bug ? >Unfortunately it's not really patchable. It will be fixed in the next >release, which may or may not be a consolation... Well, is there already a silver stripe of a release date on the horizon...? (-: Fritz B. Raab | email: fbraab@leuze-owen.de :-) (-: Leuze electronic, Abt. TDV | old: ..uunet!unido!leuze!fbraab :-) (-: In der Braike 1 | fbraab@leuze.uucp :-) (-: D7311 Owen / Teck W.Germany | voice: +49 7021 573185 fax: 573200 :-) -- (-: Fritz B. Raab | email: fbraab@leuze-owen.de :-) (-: Leuze electronic, Abt. TDV | old: ..uunet!unido!leuze!fbraab :-) (-: In der Braike 1 | fbraab@leuze.uucp :-) (-: D7311 Owen / Teck W.Germany | voice: +49 7021 573185 fax: 573200 :-)
TOMIII@MTUS5.BITNET (Thomas Dwyer III) (08/17/90)
>>#PC/NFS does not recognize that a parent directory has s-bits. Thus, a >>#new made directory (with md in DOS) has wrong group id. To avoid this, >>#I use 'rsh host mkdir path' at the moment, but thats not nice... >Unfortunately it's not really patchable. It will be fixed in the next >release, which may or may not be a consolation... What about a chgrp command and how about setuid programs actually running under the owner's name? :-) Thomas Dwyer III TOMIII @ MTUS5.BITNET Network Programmer DWYERIII @ MTUS5.BITNET Computing Technology Services Michigan Technological University
fbraab@leuze.UUCP (Fritz B. Raab) (08/20/90)
TOMIII@MTUS5.BITNET (Thomas Dwyer III) writes: >>>#PC/NFS does not recognize that a parent directory has s-bits. Thus, a >>>#new made directory (with md in DOS) has wrong group id. To avoid this, >>>#I use 'rsh host mkdir path' at the moment, but thats not nice... >>Unfortunately it's not really patchable. It will be fixed in the next >>release, which may or may not be a consolation... >What about a chgrp command and how about setuid programs actually running >under the owner's name? :-) Well, chgrp is NOT a PC-NFS command and chmod 2775 does NOT work, under UNIX everything works correct, that's not the problem... The problem is, that PC-NFS users must not get a login shell (for security reasons, because their passwds are simple and the machine is connected out- side...) (-: Fritz B. Raab | email: fbraab@leuze-owen.de :-) (-: Leuze electronic, Abt. TDV | old: ..uunet!unido!leuze!fbraab :-) (-: In der Braike 1 | fbraab@leuze.uucp :-) (-: D7311 Owen / Teck W.Germany | voice: +49 7021 573185 fax: 573200 :-) -- (-: Fritz B. Raab | email: fbraab@leuze-owen.de :-) (-: Leuze electronic, Abt. TDV | old: ..uunet!unido!leuze!fbraab :-) (-: In der Braike 1 | fbraab@leuze.uucp :-) (-: D7311 Owen / Teck W.Germany | voice: +49 7021 573185 fax: 573200 :-)