Comment 70 for bug 13795

Revision history for this message
In , Paul Szabo (psz-maths) wrote : Re: Bug#299007: base-files: Insecure PATH

Bill,

>> Though nfs-user-server may "know" about the squash_gids option,
>> nfs-kernel-server does not.
>
> You can emulate squash_gids using the ugidd daemon. Just map staff to
> nogroup.
>
> In fact, most of your problems can be solved with use of ugidd, and this
> is not Debian specific.

Using squash_gids or ugidd would prevent an attacker from creating a
setgid-staff object, thus keeping things safe while there are no users in
group staff. Neither squash_gids nor ugidd would prevent scribbling over
the .bashrc file of, or otherwise trojan, a user in group staff.

I beleive that group staff is pretty useless until you put some users into
that group. Using squash_gids or ugidd we can keep it safe in that default
but useless state; we can not make it safe in the useful state.

Would you agree with the above? (Then we should think about groups disk and
tty also.)

(The problem is not Debian-specific. Only the policy is; am not sure if
other distibutions even have a policy.)

Cheers,

Paul Szabo <email address hidden> http://www.maths.usyd.edu.au/u/psz/
School of Mathematics and Statistics University of Sydney Australia