Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Linux CS install requires access rights review. [CORE2195] #2623

Closed
firebird-issue-importer opened this issue Nov 17, 2008 · 9 comments
Closed

Linux CS install requires access rights review. [CORE2195] #2623

firebird-issue-importer opened this issue Nov 17, 2008 · 9 comments

Comments

@firebird-issue-importer

Submitted by: @AlexPeshkoff

CS and SS have slightly different access rights assignment. It will be good to unify them as much as possible.

Commits: 8ac0ebf 00dcea3

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Nov 17, 2008

Commented by: @AlexPeshkoff

This issue also should fix security problem. Currently in CS we have .conf files read-only, owned by firebird. But in case of successfull attack on any fb_inet_server process (runuser is firebird), it is perfectly easy for attacker to chmod that file (owned by him) - and change firebird configuration / aliases, which is IMHO security risk.

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Nov 17, 2008

Modified by: @AlexPeshkoff

assignee: Alexander Peshkov [ alexpeshkoff ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Nov 17, 2008

Commented by: Mark O'Donohue (skywalker)

Hi Alex

What are the different rights?

As I remember there were specifically some different ones, because of the different ways they operated, with the option of CS running as root for instance, and I think possibly some differences since classic client allows direct access, so there may have been some requirement for access to message files and lock file for example, but I am not sure if those are the attributes that you are talking about.

(posted in the hope that you will answer my other question :-) - Mark

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Nov 17, 2008

Commented by: @AlexPeshkoff

They both can run as root in case crazy client chooses such mode.
And certainly there will be differencies - I mean only avoiding unneeded one. Like most of files owned by user firebird in CS. In SS owner is root and it's correct.

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Nov 18, 2008

Commented by: Mark O'Donohue (skywalker)

Hi ALex

One of the problems was CS files like lock were accessed and updated by all users, not just the Classic Server inetd process.

So for users to access those files they at least needed to be in group "firebird", which gave them privileged access to those files, otherwise the files needed to be world writable.

However there were some clever exploits, where if a user changed those files, I cant remember, but to some odd links, and then server run as normal, running as root, then the server would end up running a shell script that the naughty user had pointed to.

Cheers - Mark

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Dec 2, 2008

Modified by: @AlexPeshkoff

status: Open [ 1 ] => Resolved [ 5 ]

resolution: Fixed [ 1 ]

Fix Version: 2.5 Beta 1 [ 10251 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Nov 8, 2009

Modified by: @pcisar

status: Resolved [ 5 ] => Closed [ 6 ]

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Jan 19, 2016

Modified by: @pavel-zotov

QA Status: No test

@firebird-issue-importer
Copy link
Author

@firebird-issue-importer firebird-issue-importer commented Aug 12, 2016

Modified by: @pavel-zotov

status: Closed [ 6 ] => Closed [ 6 ]

QA Status: No test => Cannot be tested

Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment