multiple partitions - useful mount options for extra security

Rudolf Floers r.floers at web.de
Fri Dec 22 12:43:13 PST 2000


> Wop! I'll take your word for it, since most of these things are either 
> beyond *my* abilities or beyond my *hardware's* (no cd burner here).


this is the program that does mount scd0 only:


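#include <stdio.h>
#include <sys/mount.h>

int
main (void) {

        /* 0xc0ed0001 = MS_MGC_VAL (0xC0ED0000) | MS_RDONLY (1) */
        if (mount("/dev/scd0","/mnt/scd0","iso9660",0xc0ed0001,0)) {
                perror("/dev/scd0");
                return 1;
        }
        return 0;

}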


that's all...


see mount(2) manpage for details about the 0xc0ed0001 flag:

       The rwflag argument has the magic number 0xC0ED in the top
       16 bits, and various mount flags (as defined in
       <linux/fs.h> for libc4 and libc5 and in <sys/mount.h> for
       glibc2) in the low order 16 bits:
       #define MS_RDONLY    1 /* mount read-only */
       #define MS_NOSUID    2 /* ignore suid and sgid bits */
       #define MS_NODEV     4 /* disallow access to device special files */
       #define MS_NOEXEC    8 /* disallow program execution */
       #define MS_SYNC     16 /* writes are synced at once */
       #define MS_REMOUNT  32 /* alter flags of a mounted FS */
       #define MS_MGC_VAL 0xC0ED0000
       If the magic number is absent, then the last two arguments
       are not used.


...

i assume that there's just a very small difference between a read-only and a read-write filesystem in memory.
and andries brouwer, who also sent me the code above, told me:


I think that if /usr offers a standard Unix/Linux system,
root will be able to do everything he wants, but it may be
painful and complicated.
With gdb, or even with dd, one could change the running kernel,
writing to /dev/core.

Apart from that, the mount system call occurs in many utilities,
like automount or perl. Removing one mount binary is probably
not enough.


...


even if we removed gdb, dd, ... there may be a possibility to alter the /proc/whatever file.
but i simply don't know much about the kernel and how it does mount filesystems - so i really can't say.

if you ever try to run a server with such a setup, i'd be happy to hear about it.


cu,
RF


PS: excuse my not-so-good english. (i should put that into my signature ...)
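
The flag layout described in the mount(2) excerpt above, as an added example (not part of the original message and not the code Andries Brouwer sent): a C decoder that checks the 0xC0ED magic, names the low-order flags, and reports which restrictive flags from the excerpt a given rwflag leaves unset. The RWF_ names and both function names are assumptions of this example.

```c
#include <stddef.h>
#include <stdio.h>

/* Values are those in the mount(2) excerpt quoted above. The RWF_ names and
   both functions are this example's own (hypothetical), not from any header. */
#define RWF_MAGIC      0xC0ED0000UL
#define RWF_MAGIC_MASK 0xFFFF0000UL
#define RWF_KNOWN      0x3FUL   /* the six low-order flags in the excerpt */
#define RWF_RESTRICT   0x0FUL   /* MS_RDONLY|MS_NOSUID|MS_NODEV|MS_NOEXEC */

static const struct { unsigned long bit; const char *name; } rwf_bits[] = {
    { 1, "MS_RDONLY" }, { 2, "MS_NOSUID" }, { 4, "MS_NODEV" },
    { 8, "MS_NOEXEC" }, { 16, "MS_SYNC" }, { 32, "MS_REMOUNT" },
};

/* Writes "NAME|NAME" into out. Returns the number of flags set, -1 if the
   magic is absent, -2 on an unlisted low bit or a too-small buffer. */
int decode_rwflag(unsigned long rwflag, char *out, size_t outlen)
{
    size_t used = 0;
    int n = 0;
    if (outlen == 0) return -2;
    out[0] = '\0';
    if ((rwflag & RWF_MAGIC_MASK) != RWF_MAGIC) return -1;
    if (rwflag & 0xFFFFUL & ~RWF_KNOWN) return -2;
    for (size_t i = 0; i < sizeof rwf_bits / sizeof rwf_bits[0]; i++) {
        if (!(rwflag & rwf_bits[i].bit)) continue;
        int w = snprintf(out + used, outlen - used, "%s%s",
                         n ? "|" : "", rwf_bits[i].name);
        if (w < 0 || (size_t)w >= outlen - used) return -2;
        used += (size_t)w;
        n++;
    }
    return n;
}

/* Restrictive flags from the excerpt that rwflag does not set. */
unsigned long missing_restrictions(unsigned long rwflag)
{
    return RWF_RESTRICT & ~rwflag;
}

int main(void)
{
    char buf[64];
    int n = decode_rwflag(0xc0ed0001UL, buf, sizeof buf);
    printf("%d: %s, unset: 0x%lx\n", n, buf, missing_restrictions(0xc0ed0001UL));
    return 0;
}
```

For the value used in the program above, 0xc0ed0001, this yields one flag (MS_RDONLY) and 0xe for the unset restrictive bits.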






More information about the lfs-security mailing list