asfsm: It looked merely broken, but now I see it's dangerous.

Kris Coward (kristofer.coward@utoronto.ca)
Tue, 25 Aug 1998 00:51:12 -0400 (EDT)


I noticed something kinda bleh with asfsm today..
I ssh-ed into my home machine (while I still have a solid connection) from the
login window after running xinit (so I wouldn't have the wm at work get in the
way), and having this login window up revealed a great deal to me.
It kept giving me the error message "/usr/tmp/statfs: Permission denied", or
something to that effect, so I take a look at this statfs, and lo and behold,
it belongs to root (I have several X servers running at once, the first one of
which was started is running as root). It appears to be the file that asfsm
uses to store disk usage information, and it's overwritten completely as root
every 30s... in a *WORLD WRITEABLE DIRECTORY*
This is a Very Bad Thing, since any schmuck could (in /usr/tmp) do ln -s
/etc/passwd statfs. It's also a Sortof Bad Thing in that if you have multiple
copies of asfsm running as different users, all but one of them fill up the
terminal with useless error messages, that and for some reason, the statfs that
was cluing me into this problem was quite stale, and giving bad information to
me.
Needless to say, this could use fixing. I'm going to try to find time to
patch it up myself, but if there's no further word in a week, I've had no luck.

I will also be posting notice of this on bugtraq.

Kris Coward

--
   WWW:   http://www.afterstep.org/
   FTP:   ftp://ftp.afterstep.org/
   MAIL:  http://www.caldera.com/linuxcenter/forums/afterstep.html
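The attack Kris describes, re-enacted as an added example that is not part of the original post and not asfsm's own code: a writer that opens a fixed, predictable name in a shared directory with fopen("w"), next to a hardened writer that uses O_NOFOLLOW and an fstat() check on the open descriptor. The scenario is staged under a private mkdtemp() directory, with a constructed "victim" file standing in for /etc/passwd and a constructed disk-usage line standing in for asfsm's output; the 0644 mode and the function names are assumptions for the example.

```c
#define _GNU_SOURCE
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>

/* Constructed sample data: a stand-in passwd line and a stand-in status line. */
static const char *PASSWD_LINE = "root:x:0:0:root:/root:/bin/sh\n";
static const char *STATUS_LINE = "/dev/hda1 57%\n";

/* The pattern the post describes: a fixed name in a world-writable directory,
 * opened for writing by a root process every 30 seconds. fopen("w") follows
 * whatever symlink is sitting there and truncates the target. */
int write_status_unsafe(const char *path, const char *data)
{
    FILE *fp = fopen(path, "w");
    if (fp == NULL)
        return -1;
    fputs(data, fp);
    return fclose(fp);
}

/* Hardened writer. O_NOFOLLOW makes open() fail with ELOOP if the final path
 * component is a symlink, and O_TRUNC is deliberately omitted so nothing is
 * destroyed until fstat() on the already-open descriptor (race-free, unlike a
 * preceding lstat() on the path) confirms a regular file we own with exactly
 * one link. 0644 is an assumed mode for a status file. */
int write_status_safe(const char *path, const char *data)
{
    struct stat st;
    int fd = open(path, O_WRONLY | O_CREAT | O_NOFOLLOW, 0644);
    if (fd < 0)
        return -1;                  /* errno == ELOOP: a symlink was planted */
    if (fstat(fd, &st) < 0 || !S_ISREG(st.st_mode) ||
        st.st_uid != geteuid() || st.st_nlink != 1) {
        close(fd);
        errno = EPERM;              /* someone else's file, or a hard link */
        return -1;
    }
    if (ftruncate(fd, 0) < 0 ||
        write(fd, data, strlen(data)) != (ssize_t)strlen(data)) {
        close(fd);
        return -1;
    }
    return close(fd);
}

struct attack_result {
    int rc;            /* return value of the writer under test */
    int err;           /* errno if the writer failed, else 0 */
    char victim[64];   /* contents of the stand-in passwd file afterwards */
};

/* Stage the scenario in a private temp directory: "victim" plays /etc/passwd,
 * the attacker has already done `ln -s victim statfs`, then the privileged
 * writer runs once (what asfsm's 30-second timer would do). */
int run_attack(int (*writer)(const char *, const char *), struct attack_result *r)
{
    char dir[] = "/tmp/asfsm-demo-XXXXXX";
    char victim[64], lnk[64];
    FILE *fp;

    if (mkdtemp(dir) == NULL)
        return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    snprintf(lnk, sizeof lnk, "%s/statfs", dir);
    if ((fp = fopen(victim, "w")) == NULL)
        return -1;
    fputs(PASSWD_LINE, fp);
    fclose(fp);
    if (symlink(victim, lnk) < 0)       /* the attacker's ln -s */
        return -1;

    r->rc = writer(lnk, STATUS_LINE);
    r->err = r->rc < 0 ? errno : 0;

    memset(r->victim, 0, sizeof r->victim);
    if ((fp = fopen(victim, "r")) == NULL)
        return -1;
    fread(r->victim, 1, sizeof r->victim - 1, fp);
    fclose(fp);
    unlink(lnk);
    unlink(victim);
    rmdir(dir);
    return 0;
}

int main(void)
{
    struct attack_result r;
    run_attack(write_status_unsafe, &r);
    printf("unsafe writer: rc=%d, victim now reads: %s", r.rc, r.victim);
    run_attack(write_status_safe, &r);
    printf("safe writer:   rc=%d (%s), victim still reads: %s",
           r.rc, strerror(r.err), r.victim);
    return 0;
}
```

The unsafe writer reports success and the "passwd" file now contains the disk-usage line; the hardened writer fails with ELOOP and the file is untouched. The O_NOFOLLOW/fstat check is a mitigation for code that must keep the shared path; the real fix for a per-user status file is to not put it in /usr/tmp at all and write it under a directory the user owns with mode 0700, or to create it with mkstemp() and rename it into place.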