https://bugzilla.novell.com/show_bug.cgi?id=640601
https://bugzilla.novell.com/show_bug.cgi?id=640601#c2
Peter Chiu
changed:
What |Removed |Added
----------------------------------------------------------------------------
Status|RESOLVED |REOPENED
Resolution|INVALID |
--- Comment #2 from Peter Chiu 2010-09-22 16:22:41 UTC ---
I am afraid the problem is not resolved really, as it is reproducible with the
nosuid option.
I don't know if you have tried it yourself.
But I repeated the steps as before, and can reproduce this problem.
Here is the log:
On Server A
mount -o nosuid serverB:/serverB /serverB
mount | grep /serverB
serverB:/serverB on /serverB type nfs
(rw,nosuid,addr=130.246.188.83,nfsvers=3,proto=tcp,mountproto=udp)
sudo mkdir /serverB/newtest
sudo vi script1.c with the above contents
sudo cc -o script.o script.c
sudo chmod 4755 script.o
sudo vi script.sh to contain
mkdir /abcde
sudo chmod 755 script.sh
Now on server B, log on as a non-priv user lp
lp@serverB:/serverB/newtest> ls -ls
total 20
4 -rwxr-xr-x 1 root root 13 2010-09-22 17:01 script2.sh
4 -rw-r--r-- 1 root root 157 2010-09-22 17:00 script.c
12 -rwsr-xr-x 1 root root 11941 2010-09-22 17:00 script.o
lp@serverB:/serverB/newtest> ls -lsd /abcde
ls: cannot access /abcde: No such file or directory
lp@serverB:/serverB/newtest> cat script2.sh
mkdir /abcde
lp@serverB:/serverB/newtest> ls -lsd /abcde
ls: cannot access /abcde: No such file or directory
lp@serverB:/serverB/newtest> sh -xv ./script2.sh
mc () { . /usr/share/mc/bin/mc-wrapper.sh
}
mkdir /abcde
+ mkdir /abcde
mkdir: cannot create directory `/abcde': Permission denied
lp@serverB:/serverB/newtest> ./script.o
lp@serverB:/serverB/newtest> ls -lsd /abcde
4 drwxr-xr-x 2 root lp 4096 2010-09-22 17:04 /abcde
lp@serverB:/serverB/newtest> date
Wed Sep 22 17:04:59 BST 2010
So a new directory abcde is created under the root directory.
This directory cannot be created under the usual situation.
So the option of nosuid is not working.
--
Configure bugmail: https://bugzilla.novell.com/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are on the CC list for the bug.