rshd/rexecd chdir as root issues under NFS
From: Alex Muntada
Subject: rshd/rexecd chdir as root issues under NFS
Date: Thu, 5 Sep 2002 10:31:57 +0200
User-agent: Mutt/1.4i
VERSION
inetutils-1.4.1
SYNOPSIS
Some time ago I had some trouble running rshd in NFS-mounted
home directories. I'm using Red Hat Linux and rshd is provided
by a package named netkit-rsh or rsh. Since I was unable to
find a way to report that issue to the original authors, I
reported it to Red Hat [1]. But today I got a mail from GNU
announcing the new inetutils-1.4.1 version and just checked
it out.
DESCRIPTION
rshd and rexecd fail to change to the user's home directory if
it is mounted by NFS because they perform the chdir(2) syscall
before setuid(2), and the user running rshd (i.e. root) becomes
nobody in NFS mounts (this is a common scenario).
This issue can be reproduced by following these steps:
1. "mount /home" by NFS from some other host.
2. "chmod o= /home/username" disabling access to user nobody
(username should still have access to its own home).
3. "rsh -l username hostname" from a remote host.
4. "pwd" to get the current working directory (beware! must
check that no "chdir" is performed during shell setup).
The expected results should be "/home/username" but pwd command
actually shows "/".
WORKAROUNDS
There are two workarounds to solve this issue but they have
some security drawbacks: the first is "chmod o+x /home/username",
which enables user nobody to perform the chdir(2) syscall before
changing UID through setuid(2), but users may not want
everybody to be able to access their home directory. The second
is to enable the "no_root_squash" option or equivalent in the
exportfs file.
The best approach would be to modify rshd.c to perform UID
changes before chdir(2), which should be performed while
running as the user (not root nor nobody).
PATCHES
See the attached files rshd.c.diff and rexecd.c.diff.
REFERENCES
[1] https://bugzilla.redhat.com/bugzilla/show_bug.cgi?id=57392
THANKS
Feel free to ask me for further info and/or help.
Thanks in advance.
--
Alex Muntada <address@hidden>
http://people.ac.upc.es/alexm/
rshd.c.diff
Description: rshd.c.diff
rexecd.c.diff
Description: rexecd.c.diff
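
The ordering the report asks for (identity change first, chdir(2) second), sketched in C as an added example; it is not the attached rshd.c.diff or rexecd.c.diff, nor inetutils code. The helper names drop_to_user and enter_home and the default account name in main are assumptions made for illustration.

```c
#ifndef _DEFAULT_SOURCE
#define _DEFAULT_SOURCE /* for initgroups() on glibc */
#endif
#include <errno.h>
#include <grp.h>
#include <pwd.h>
#include <stdio.h>
#include <sys/types.h>
#include <unistd.h>

/* Permanently become the account in pw. Groups are set first because
   setgid()/initgroups() need the privilege that setuid() gives up. */
static int drop_to_user(const struct passwd *pw)
{
    if (setgid(pw->pw_gid) != 0) return -1;
    if (initgroups(pw->pw_name, pw->pw_gid) != 0) return -1;
    if (setuid(pw->pw_uid) != 0) return -1;
    /* The drop must be irreversible: regaining uid 0 has to fail. */
    if (pw->pw_uid != 0 && setuid(0) == 0) { errno = EPERM; return -1; }
    return 0;
}

/* chdir() into the home directory only once the process already runs as
   the target user. On a root-squashed NFS export uid 0 is mapped to
   nobody, so a chdir() attempted before drop_to_user() is refused here
   rather than left to fail and strand the session in "/". */
static int enter_home(const struct passwd *pw)
{
    if (getuid() != pw->pw_uid || geteuid() != pw->pw_uid) {
        errno = EPERM;
        return -1;
    }
    return chdir(pw->pw_dir);
}

/* Usage: ./a.out username (the default "nobody" is a hypothetical pick). */
int main(int argc, char **argv)
{
    struct passwd *pw = getpwnam(argc > 1 ? argv[1] : "nobody");
    char cwd[4096];
    if (pw == NULL) { fprintf(stderr, "unknown user\n"); return 1; }
    if (geteuid() == 0 && drop_to_user(pw) != 0) { perror("drop"); return 1; }
    if (enter_home(pw) != 0) { perror("chdir home"); return 1; }
    if (getcwd(cwd, sizeof cwd) == NULL) { perror("getcwd"); return 1; }
    printf("uid=%d cwd=%s\n", (int)getuid(), cwd);
    return 0;
}
```

A daemon should treat a failed enter_home() as a login error or an explicit, logged fallback, so that a permission problem on the export is visible instead of silently changing the working directory.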