September 2, 201510 yr Currently, the boot flash drive is mounted world-writable during startup. This creates potential privilege escalation vulnerabilities, since a process running as an individual user could add lines to /boot/config/go, or overwrite the kernel image or initramfs. Could /boot be mounted with perms set to 0755 instead?
September 21, 201510 yr Author There are no individual users in unRAID. Sorry? I'm confused. A number of plugins create a user for their services to run under, or run as `nobody`, either by using sudo or su in their startup scripts, or by calling setuid/setgid once started. A compromise to one of those services shouldn't allow an attacker to overwrite the entire boot drive.
Archived
This topic is now archived and is closed to further replies.