|
Bugtraq
mailing list archives
Re: Amanda multiple vendor local root compromises
From: oliva () LSD IC UNICAMP BR (Alexandre Oliva)
Date: Tue, 2 Nov 1999 09:35:43 -0200
On Nov 1, 1999, Rob <capveg () CS UMD EDU> wrote:
Amanda's "runtar" program, suid root by default on FreeBSD 3.3, calls
/usr/bin/tar and passes all args given to runtar to this program. Tar is
FWIW, runtar does not need to be suid root if the amanda user (defaults to
user "amanda") has read access to the raw disks.
Nope, that's true in the case of `rundump', that is only enabled on
platforms whose dumb `dump' programs must be run as root. But in the
case of `runtar', it needs root permissions because it runs tar and
`tar' reads files, not raw disk devices.
Most of the issues raised for `runtar' also apply to `rundump', except
that `rundump' can't usually be used to create files, only to back
them up. But both programs are installed so that only the Amanda
group (specified at configure time) can run them, with chmod g+x/chgrp
permissions, and only the Amanda user (also specified at configure
time) can tell it to actually run tar (getuid() is checked at program
start-up).
--
Alexandre Oliva http://www.ic.unicamp.br/~oliva IC-Unicamp, Bra[sz]il
oliva () {lsd ic unicamp br,guarana.{org,com}} aoliva () {acm,computer}.org
oliva () {gnu org,kaffe.org,{egcs,sourceware}.cygnus.com,samba.org}
** I may forward mail about projects to mailing lists; please use them
 By Date 
By Thread
Current thread:
- Re: Amanda multiple vendor local root compromises, (continued)
|
Intro
