According the handbook "18.5.2 Testing the Configuration"
To mount an usb device, I need create a directory in /mnt and set the permission like this:
Let us assume the username is fender_01.
So, now as an unprivileged user I can cp a file to "/mnt/fender_01".
The preoblem is if I didn't mount anything to that directory and didn't create a partition for "/mnt "directory, I can easyly fill the "/" directory by cp some large file to "/mnt/fender_01".
Let us try.
before cp:
after cp a movie to "mnt/fender_01":
So, I think this is a security problem.
To mount an usb device, I need create a directory in /mnt and set the permission like this:
Code:
# mkdir /mnt/username
# chown username:usergroup /mnt/username
So, now as an unprivileged user I can cp a file to "/mnt/fender_01".
The preoblem is if I didn't mount anything to that directory and didn't create a partition for "/mnt "directory, I can easyly fill the "/" directory by cp some large file to "/mnt/fender_01".
Let us try.
before cp:
Code:
df -h
Filesystem Size Used Avail Capacity Mounted on
[color="Red"]/dev/ad12s1a 989M 37M 873M 4% /[/color]
devfs 1.0K 1.0K 0B 100% /dev
/dev/ad12s1g 237G 17G 202G 8% /home
/dev/ad12s1e 3.9G 166K 3.6G 0% /tmp
/dev/ad12s1f 39G 5.1G 31G 14% /usr
/dev/ad12s1d 3.9G 58M 3.5G 2% /var
procfs 4.0K 4.0K 0B 100% /proc
after cp a movie to "mnt/fender_01":
Code:
du -h Seven_Habits.avi
507M Seven_Habits.avi
cp Seven_Habits.avi /mnt/fender_01
df -h
Filesystem Size Used Avail Capacity Mounted on
[color="Red"]/dev/ad12s1a 989M 544M 366M 60% /[/color]
devfs 1.0K 1.0K 0B 100% /dev
/dev/ad12s1g 237G 17G 202G 8% /home
/dev/ad12s1e 3.9G 166K 3.6G 0% /tmp
/dev/ad12s1f 39G 5.1G 31G 14% /usr
/dev/ad12s1d 3.9G 58M 3.5G 2% /var
procfs 4.0K 4.0K 0B 100% /proc
So, I think this is a security problem.