From nobody@www.freebsd.org  Thu Jun 20 09:41:08 2002
Return-Path: <nobody@www.freebsd.org>
Received: from nwww.freebsd.org (www.FreeBSD.org [216.136.204.117])
	by hub.freebsd.org (Postfix) with ESMTP id 8E96F37B480
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 20 Jun 2002 09:41:05 -0700 (PDT)
Received: from www.freebsd.org (localhost [127.0.0.1])
	by nwww.freebsd.org (8.12.2/8.12.2) with ESMTP id g5KGf5hG051982
	for <freebsd-gnats-submit@FreeBSD.org>; Thu, 20 Jun 2002 09:41:05 -0700 (PDT)
	(envelope-from nobody@www.freebsd.org)
Received: (from nobody@localhost)
	by www.freebsd.org (8.12.2/8.12.2/Submit) id g5KGf5of051981;
	Thu, 20 Jun 2002 09:41:05 -0700 (PDT)
Message-Id: <200206201641.g5KGf5of051981@www.freebsd.org>
Date: Thu, 20 Jun 2002 09:41:05 -0700 (PDT)
From: aeonflux <aeonflux@trioptimum.com>
To: freebsd-gnats-submit@FreeBSD.org
Subject: insecure default settings
X-Send-Pr-Version: www-1.0

>Number:         39580
>Category:       conf
>Synopsis:       sysinstall(8): [request] more secure mount options
>Confidential:   no
>Severity:       non-critical
>Priority:       medium
>Responsible:    freebsd-sysinstall
>State:          suspended
>Quarter:        
>Keywords:       
>Date-Required:  
>Class:          change-request
>Submitter-Id:   current-users
>Arrival-Date:   Thu Jun 20 09:50:01 PDT 2002
>Closed-Date:    
>Last-Modified:  Tue Jul 13 13:48:51 UTC 2010
>Originator:     aeonflux
>Release:        4.6 release
>Organization:
none
>Environment:
4.6 release
>Description:
By default in the install, when you have label create the drive partitions for you, a /tmp label is created however it is not mounted with the options "nofollowsymlinks" which would help stop race conditions.

As well, /tmp is not mounted with nosuid, allowing suid bit binaries to execute from the tmp directory.

Further reading from Kris Kennaway
http://old.lwn.net/2000/1221/a/sec-tmp.php3

>How-To-Repeat:
exploit any race condition, like the adobe pdf writer one for example.
symlink a preditable file in /tmp to /etc/master.passwd, etc...  you all know the drill.
>Fix:
edit /etc/fstab after installation and change the options to
"rw,nosymfollow,nosuid"

alter sysinstall to make those options default.
>Release-Note:
>Audit-Trail:
State-Changed-From-To: open->suspended 
State-Changed-By: kris 
State-Changed-When: Sat Jul 12 16:43:36 PDT 2003 
State-Changed-Why:  
Awaiting patch from someone to implement the proposed changes 
to sysinstall. 

http://www.freebsd.org/cgi/query-pr.cgi?pr=39580 
Responsible-Changed-From-To: freebsd-bugs->freebsd-sysinstall 
Responsible-Changed-By: gavin 
Responsible-Changed-When: Tue Jul 13 13:48:51 UTC 2010 
Responsible-Changed-Why:  
Over to maintainer(s) 

http://www.freebsd.org/cgi/query-pr.cgi?pr=39580 
>Unformatted:
