Bug#310757: marked as forwarded (davfs2: doesn't enforce permissions)

Subject: Bug#310757: marked as forwarded davfs2: doesn't enforce permissions
From: Debian Bug Tracking System
Date: Wed, 25 May 2005 12:48:19 -0700
Your message dated Wed, 25 May 2005 21:33:40 +0200
with message-id <[email protected]>
has caused the Debian Bug report #310757,
regarding davfs2: doesn't enforce permissions
to be marked as having been forwarded to the upstream software
author(s) Sung Kim <[email protected]>, Robert Spier 
<[email protected]>.

(NB: If you are a system administrator and have no idea what I am
talking about this indicates a serious mail system misconfiguration
somewhere.  Please contact me immediately.)

Debian bug tracking system administrator
(administrator, Debian Bugs database)

Date: Wed, 25 May 2005 21:33:40 +0200
From: martin f krafft <[email protected]>
To: Sung Kim <[email protected]>,
        Robert Spier <[email protected]>
Cc: [email protected]
Subject: Fwd: davfs2: doesn't enforce permissions
Message-ID: <[email protected]>

tags 310757 + upstream

This just came in to the Debian bug tracking system. If you ask me,
the bug is justified. davfs2 should provide a filesystem which
enforces Unix permissions. Thus, a file should only be accessible if
the DAV server thinks so *and* the local permissions are set

As we are very close to a Debian stable release, I think we will
have to remove davfs2 from Debian unless we manage to fix this
before the weekend. What do you guys think?

----- Forwarded message from Andrew Pimlott <[email protected]> -----

Date: Wed, 25 May 2005 11:51:10 -0700
From: Andrew Pimlott <[email protected]>
Subject: davfs2: doesn't enforce permissions

Package: davfs2
Version: 0.2.3-2
Severity: grave
Tags: security
Justification: user security hole

It appears that davfs2 does not enforce unix permissions.  I just
mounted a DAV share as root.  When I list permissions in the root of the
mount, I see

    % ls -ld .
    drwxr-xr-x  1 root root 512 2005-05-25 11:43 .
    % ls -l
    total 950
    -rwxr-xr-x  0 root root      6 2005-05-25 11:43 file
    drwxr-xr-x  1 root root    512 2005-05-10 05:18 dir

However, as a regular user, I can create and modify files with no
restrictions.  For example "touch foo" and "echo hello > file" both work
fine.  I also tried mounting with mode=0700, and nothing changed, not
even the permissions displayed.  So it appears that there is no way to
restrict access to the mounted DAV share.

Also, on a possibly related note, I see that if I create a file with
"touch foo", foo has the permissions

    -rw-rw-r--  0 root root      0 2005-05-25 11:48 foo

However, if I unmount and remount, then the permissions revert to

    -rwxr-xr-x  0 root root      0 2005-05-25 11:48 foo


-- System Information:
Debian Release: 3.1
  APT prefers unstable
  APT policy: (500, 'unstable')
Architecture: i386 (i686)
Shell:  /bin/sh linked to /bin/bash
Kernel: Linux 2.6.8-2-686
Locale: LANG=en_US.UTF-8, LC_CTYPE=en_US.UTF-8 (charmap=UTF-8)

Versions of packages davfs2 depends on:
ii  libc6                      2.3.2.ds1-22  GNU C Library: Shared libraries an
ii  libneon24                  0.24.7.dfsg-2 An HTTP and WebDAV client libr
ii  libssl0.9.7                0.9.7g-1      SSL shared libraries
ii  libxml2                    2.6.16-7      GNOME XML library
ii  zlib1g                     1:1.2.2-4     compression library - runtime

-- no debconf information

----- End forwarded message -----

 .''`.     martin f. krafft <[email protected]>
: :'  :    proud Debian developer, admin, user, and author
`. `'`
  `-  Debian - when you have better things to do than fixing a system
Invalid/expired PGP subkeys? Use subkeys.pgp.net as keyserver!
"those who are faithful know only the trivial side of love:
 it is the faithless who know love's tragedies."
                                                        -- oscar wilde
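
The manual test in the forwarded report (compare what `ls -l` shows with what `touch` and `echo >` actually permit) can be automated. The following is an added example, not part of the original messages and not davfs2 code: it computes what the classic mode bits grant the calling user and compares that with a real write attempt. The function names are hypothetical, and it assumes plain owner/group/other semantics with no ACLs.

```python
import errno
import os
import stat
import sys
import tempfile

def mode_allows_write(mode, owner, group, uid, gids):
    """Write access granted by classic owner/group/other bits (ACLs ignored)."""
    if uid == 0:                       # root is not bound by mode bits
        return True
    # Creating entries in a directory needs search (x) as well as write (w).
    need = 0o2 | (0o1 if stat.S_ISDIR(mode) else 0)
    shift = 6 if uid == owner else 3 if group in gids else 0
    return ((mode >> shift) & need) == need

def probe_write(path):
    """Ask the kernel: can this process really write to path?"""
    try:
        if os.path.isdir(path):
            # Equivalent of "touch foo": create a scratch file, then remove it.
            fd, scratch = tempfile.mkstemp(prefix=".permcheck-", dir=path)
            os.close(fd)
            os.unlink(scratch)
        else:
            # Opening for append proves write access without altering content.
            os.close(os.open(path, os.O_WRONLY | os.O_APPEND))
        return True
    except OSError as e:
        if e.errno in (errno.EACCES, errno.EPERM, errno.EROFS):
            return False
        raise

def write_not_enforced(path):
    """True if the mode bits deny this process write access but the write works."""
    st = os.stat(path)
    gids = set(os.getgroups()) | {os.getegid()}
    expected = mode_allows_write(st.st_mode, st.st_uid, st.st_gid,
                                 os.geteuid(), gids)
    return probe_write(path) and not expected

if __name__ == "__main__":
    # Run as an unprivileged user against paths on the mount under test.
    bad = [p for p in sys.argv[1:] if write_not_enforced(p)]
    for p in bad:
        print(f"{p}: writable although its mode bits deny it")
    sys.exit(1 if bad else 0)
```

Run as a regular user against the root-owned `file` and `.` entries listed in the report, a filesystem that enforces permissions yields exit status 0; the behaviour described in the report would flag both paths.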
