> Hi all,
>
> At Brookhaven National lab, we just found something very interesting.
> That is if you know AFS admin password, you can become root on any
> AFS client machines in the cell (except Solaris machines). We did the
> following tests on AIX, SGI, HPUX and we succeeded. Solaris somehow is
> smart enough to stop the b

Works on my Solaris machine... of course, I don't use the shell, I use this
simple program:
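
    #include <unistd.h>

    int main(void) {
        setuid(0);                            /* set the real uid to 0; works when the binary is setuid root */
        execl("/bin/csh", "csh", (char *)0);  /* replace this process with csh */
        return 1;                             /* reached only if execl fails */
    }
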
The Solaris shell won't run setuid unless you give it a magic arg, as I recall.

> In other words, if I am AFS administrator, I can be root on any AFS client
> machines belonging to my cell. Is it cool?

Clients can turn it off using fs setcell <your.cell> -nosuid
-D
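
An added example, not part of the original message: a client-side audit that finds cells from which this machine still honors setuid bits and prints the matching fs setcell command from the reply above. It assumes the `fs getcellstatus` output format documented for OpenAFS ("Cell <name> status: [no ]setuid allowed"); the cell names and sample output are constructed.

```shell
#!/bin/sh
# Added example: report AFS cells whose setuid binaries this client will honor.

# Constructed sample of `fs getcellstatus` output (cell names are made up).
sample_status() {
cat <<'EOF'
Cell example.org status: setuid allowed
Cell partner.example.net status: no setuid allowed
Cell lab.example.edu status: setuid allowed
EOF
}

# Read getcellstatus lines on stdin; print each cell name that allows setuid.
# "no setuid allowed" lines have "no" in field 4 and are skipped.
setuid_cells() {
    awk '$1 == "Cell" && $3 == "status:" && $4 == "setuid" && $5 == "allowed" { print $2 }'
}

# Turn each flagged cell into the command that disables setuid for it.
# The commands are only printed, never executed.
remediation() {
    while read -r cell; do
        printf 'fs setcell %s -nosuid\n' "$cell"
    done
}

# On a real client, pipe live output instead of the sample:
#   fs getcellstatus <cell> [<cell> ...] | setuid_cells | remediation
if [ "${1:-}" = "--demo" ]; then
    sample_status | setuid_cells | remediation
fi
```

Run with --demo to see the output for the constructed sample; review the printed commands before applying them as root on the client.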