Is there an FSDB Manual?

John F. Haugh II jfh at rpp386.cactus.org
Fri Oct 6 00:39:26 AEST 1989


In article <572 at pd1.ccd.harris.com> bill at pd1.ccd.harris.com (Bill Davis) writes:
>In article <4960 at cbnewsm.ATT.COM> szirin at cbnewsm.ATT.COM writes:
>>Of course, anyone that can figure out how to use fsdb can easily read your
>>private file without ever touching the directory entry...
>
>If this were true, it would be a nasty security hole.
>Just by knowing fsdb, I could look anywhere in a file
>system and read the contents of files.

It is quite true, and you don't need fsdb [ but it sure does
make things easier ;-) ]

To prevent this, your block devices cannot be readable by
normal users.

>This doesn't happen here.  Based on information
>available here, I have reason to believe
>it doesn't happen with the major variants of Unix.
>Anyone care to tell me if I am wrong VIA EMAIL
>to avoid spreading any "how to break a Unix system"
>information too widely?  Or better yet, if you find
>a version of Unix that lets someone other than
>root run fsdb and get information out of it (or
>worse yet, change it), perhaps you might want to tell
>your system vendor about it.  You probably don't
>want your system to remain that way.

fsdb -may- have its access modes restricted to root 
only, but this does not prevent someone from writing
an fsdb clone and posting it to the net so everyone
can use it.  However, any system which still has adb
on it has all that is really needed for file system
maintenance.

I have used adb [ just yesterday in fact ] to break
into UNIX systems.  My floppy devices are world
accessible, so I mounted a floppy and created a SUID
root program.  Seems I trashed /etc/shadow and couldn't
login as root ;-(
-- 
John F. Haugh II                        +-Things you didn't want to know:------
VoiceNet: (512) 832-8832   Data: -8835  | The real meaning of MACH is ...
InterNet: jfh at rpp386.cactus.org         |    ... Messages Are Crufty Hacks.
UUCPNet:  {texbell|bigtex}!rpp386!jfh   +--------------------------------------
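
The mitigation stated in the post above (block devices must not be readable by normal users) can be checked mechanically. The following audit script is an added example, not part of the original post; the function names `classify` and `audit` and the default `/dev` directory are assumptions of the example.

```python
import os
import stat
import sys


def classify(mode):
    """Return permission findings for one st_mode; [] if not a block device or clean."""
    if not stat.S_ISBLK(mode):
        return []
    findings = []
    if mode & stat.S_IROTH:
        # Any user can read raw blocks, so per-file modes no longer protect contents.
        findings.append("world-readable")
    if mode & stat.S_IWOTH:
        # Any user can rewrite on-disk structures, including ownership and mode bits.
        findings.append("world-writable")
    return findings


def audit(dev_dir="/dev"):
    """Walk dev_dir and return {path: findings} for each block device with findings."""
    flagged = {}
    for root, _dirs, names in os.walk(dev_dir):
        for name in names:
            path = os.path.join(root, name)
            try:
                # lstat: judge the node itself, do not follow symlinks to it.
                st = os.lstat(path)
            except OSError:
                continue  # node vanished or cannot be examined; skip it
            findings = classify(st.st_mode)
            if findings:
                flagged[path] = findings
    return flagged


if __name__ == "__main__":
    flagged = audit(sys.argv[1] if len(sys.argv) > 1 else "/dev")
    for path, findings in sorted(flagged.items()):
        print("%s: %s" % (path, ", ".join(findings)))
    # Non-zero exit lets a cron job or configuration check fail on any finding.
    sys.exit(1 if flagged else 0)
```

Removable-media nodes such as the floppy devices mentioned in the post are the ones most often left open, so run the check against the whole device directory rather than only the fixed disks.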



More information about the Comp.unix.wizards mailing list