11rcombs (posted September 2, 2015):

Currently, the boot flash drive is mounted world-writable during startup. This creates potential privilege escalation vulnerabilities, since a process running as an individual user could add lines to /boot/config/go, or overwrite the kernel image or initramfs. Could /boot be mounted with perms set to 0755 instead?

limetech (posted September 2, 2015):

There are no individual users in unRAID.

11rcombs (author, posted September 21, 2015):

> There are no individual users in unRAID.

Sorry? I'm confused. A number of plugins create a user for their services to run under, or run as `nobody`, either by using sudo or su in their startup scripts, or by calling setuid/setgid once started. A compromise to one of those services shouldn't allow an attacker to overwrite the entire boot drive.
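
One way to audit the mount the thread is about, as an added example that is not code from the thread or from unRAID. It assumes /boot is a FAT (vfat) filesystem, where permissions are set by the `fmask`/`dmask` mount options rather than per file; the function names and the sample `/proc/mounts` lines are constructed for illustration.

```shell
#!/bin/sh
# Added example (not from the thread). Assumes /boot is a FAT (vfat) mount,
# where permissions come from the fmask/dmask mount options, not from inodes.

# Constructed /proc/mounts lines: a world-writable mount and a 0755-style one.
SAMPLE_WEAK='/dev/sda1 /boot vfat rw,relatime,fmask=0000,dmask=0000,errors=remount-ro 0 0'
SAMPLE_FIXED='/dev/sda1 /boot vfat rw,relatime,fmask=0022,dmask=0022,errors=remount-ro 0 0'

# Print the value of option $2 (e.g. fmask) found in option string $1.
mount_opt() {
    printf '%s\n' "$1" | tr ',' '\n' | sed -n "s/^$2=//p" | head -n 1
}

# Read /proc/mounts-format text on stdin and print a verdict for mount point $1:
#   world-writable | ok | read-only | unknown (no masks) | not-mounted
audit_mount() {
    target=$1
    while read -r _dev mnt _fstype opts _rest; do
        [ "$mnt" = "$target" ] || continue
        case ",$opts," in *,ro,*) echo "read-only"; return 0 ;; esac
        fmask=$(mount_opt "$opts" fmask)
        dmask=$(mount_opt "$opts" dmask)
        if [ -z "$fmask" ] || [ -z "$dmask" ]; then
            echo "unknown"; return 0
        fi
        # Octal bit 002 in a mask removes write access for "other".
        # If either mask lacks it, any local account can modify the mount.
        if [ $(( 0$fmask & 02 )) -eq 0 ] || [ $(( 0$dmask & 02 )) -eq 0 ]; then
            echo "world-writable fmask=$fmask dmask=$dmask"
        else
            echo "ok fmask=$fmask dmask=$dmask"
        fi
        return 0
    done
    echo "not-mounted"
}

# On a live system: audit_mount /boot < /proc/mounts
printf '%s\n' "$SAMPLE_WEAK"  | audit_mount /boot
printf '%s\n' "$SAMPLE_FIXED" | audit_mount /boot
```

A mask of 0022 on both options yields the 0755 permissions requested in the first post.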