Kindly note Re: "[kernel security routines using] getpwnam_r buf too
small-- nfs assigns root:user to krb5 clients"
PR http://www.freebsd.org/cgi/query-pr.cgi?pr=162009
With patches.
There was another related PR. In short, the getpw*_r routines call for
a user buffer in which to put all the strings associated with a passwd
structure. Many routines allow only 128 bytes for this. Others in the
kernel use 1024 or 2048. Not alot of guidance there to work with, eh?
Long gecos info, long principal names, etc causes these routines to
fail.. but the error doesn't seem to prevent non privileged nfs clients
using kerberos security from creating files. And, those files are owned
root:user. Sometimes user:root. Either way, not so good.
Thanks
Harry Coin
_______________________________________________
[email protected] mailing list
http://lists.freebsd.org/mailman/listinfo/freebsd-security
To unsubscribe, send any mail to "[email protected]"
