Security issue accessing directories with 750 permissions

Support for security such as Firewalls and securing linux
yuribu
Posts: 7
Joined: 2014/09/29 14:03:41

Security issue accessing directories with 750 permissions

Post by yuribu » 2014/09/29 14:24:49

Hello to distinguished forum members,

Recently we have encountered a security issue - we could successfully access a directory with limited permissions.

We have a directory that is mounted from NFS Storage and its permissions are 750 like below:


drwxr-x--- 28 <userowner> <groupowner> 589 Sep 16 15:22 <dir_path>
<userowner> UID is 1467
<groupowner> GID is 237

We have created a new user with UID=3985 and tried accessing this directory and succeeded.
We did packet sniffing and found that this user has membership of auxiliary GID=237, while he IS not a member of that group in NIS or the local group file!

We stopped the NIS/NSCD on that client machine and added the same user locally with the same UID.
NOTE: The 'id -a' output showed that he was not a member of any group besides his main group, which is '101'.
The problem still persisted.

Also the Storage vendor provided us with input that the problem is on the client machine.

Can there be any cache or configuration that we are missing on the client side?

Our spec:

OS: CentOS 5.5 x86_64
NFS: NFSv3
NFS Mount options: nfs rw,vers=3,rsize=131072,wsize=524288,hard,proto=tcp,timeo=600,retrans=2,sec=sys,addr=<storage_address> 0 0

I appreciate any help in how to root cause and resolve this strange behavior.
Thanks.
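
The check described in the post above, as an added example that is not part of the original thread: with `sec=sys` the client places the UID, primary GID and auxiliary GIDs in the AUTH_SYS credential of every RPC call (RFC 5531), so the captured credential can be decoded and compared with what the directory service lists for the user. UID 3985, GID 101 and auxiliary GID 237 come from the post; the machine name, the XID and the function names are constructed for illustration, and the input is assumed to be one RPC call with the 4-byte TCP record marker already stripped.

```python
import struct

AUTH_SYS = 1            # RFC 5531 credential flavor (also called AUTH_UNIX)
NFS_PROGRAM = 100003    # ONC RPC program number of NFS


def parse_auth_sys(rpc_msg: bytes) -> dict:
    """Decode the AUTH_SYS credential of one ONC RPC call (starting at the XID)."""
    xid, mtype, rpcvers, prog, vers, proc, flavor, cred_len = \
        struct.unpack_from(">8I", rpc_msg, 0)
    if mtype != 0 or rpcvers != 2:
        raise ValueError("not an RPC version 2 call")
    if flavor != AUTH_SYS:
        raise ValueError("credential flavor %d is not AUTH_SYS" % flavor)
    body = rpc_msg[32:32 + cred_len]
    if len(body) != cred_len:
        raise ValueError("truncated credential")
    stamp, name_len = struct.unpack_from(">II", body, 0)
    if name_len > 255:
        raise ValueError("machine name longer than AUTH_SYS allows")
    machine = body[8:8 + name_len].decode("ascii", "replace")
    off = 8 + ((name_len + 3) & ~3)      # XDR pads opaque data to 4 bytes
    uid, gid, ngids = struct.unpack_from(">III", body, off)
    if ngids > 16:
        raise ValueError("AUTH_SYS carries at most 16 auxiliary gids")
    gids = list(struct.unpack_from(">%dI" % ngids, body, off + 12))
    return {"prog": prog, "vers": vers, "proc": proc, "machine": machine,
            "uid": uid, "gid": gid, "gids": gids}


def unexpected_gids(cred: dict, expected: list) -> list:
    """GIDs present on the wire that the user's group database entry lacks."""
    return sorted(set([cred["gid"]] + cred["gids"]) - set(expected))


def build_sample_call() -> bytes:
    """Constructed sample: NFSv3 ACCESS call carrying the values from the post."""
    machine = b"nfsclient"                               # constructed name
    name = machine + b"\0" * (-len(machine) % 4)         # XDR padding
    cred = struct.pack(">II", 0, len(machine)) + name
    cred += struct.pack(">III", 3985, 101, 1) + struct.pack(">I", 237)
    header = struct.pack(">6I", 0x1234, 0, 2, NFS_PROGRAM, 3, 4)
    verifier = struct.pack(">II", 0, 0)                  # AUTH_NONE verifier
    return header + struct.pack(">II", AUTH_SYS, len(cred)) + cred + verifier


if __name__ == "__main__":
    cred = parse_auth_sys(build_sample_call())
    print(cred)
    print("not in group database:", unexpected_gids(cred, [101]))
```
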

TrevorH
Site Admin
Posts: 33202
Joined: 2009/09/24 10:40:56
Location: Brighton, UK

Re: Security issue accessing directories with 750 permission

Post by TrevorH » 2014/09/29 15:40:01

First step: update to the current release which is CentOS 5.10 with 5.11 ready for release any time now. Run yum update to get to the currently supported version.
The future appears to be RHEL or Debian. I think I'm going Debian.
Info for USB installs on http://wiki.centos.org/HowTos/InstallFromUSBkey
CentOS 5 and 6 are deadest, do not use them.
Use the FAQ Luke


Re: Security issue accessing directories with 750 permission

Post by yuribu » 2014/09/29 16:00:44

Hello TrevorH,

Is there any chance not to upgrade to CentOS 5.10?

We have several hundreds of such servers and the process of upgrading might be problematic.
NOTE: We are running in a production environment.


Thanks.


Re: Security issue accessing directories with 750 permission

Post by TrevorH » 2014/09/29 19:54:11

Have you any idea how old 5.5 is and how many bugs have been fixed since it was released in March 2010? That's 4.5 years' worth of bugs, many of which are security related.


Re: Security issue accessing directories with 750 permission

Post by yuribu » 2014/09/29 20:11:31

Hello TrevorH,

I understand.

If we upgrade, we'll make the transition to the CentOS 6.X x86_64 platform due to CentOS 5.X EOL soon.
Will the CentOS 6 platform, for example, include the relevant security fixes, as if we were moving to CentOS 5.10?

Which of CentOS 6.X is considered secure enough (I know currently the latest one is CentOS 6.5)?

Thank You!


Re: Security issue accessing directories with 750 permission

Post by TrevorH » 2014/09/29 21:23:55

CentOS 5 does not reach EOL for another 2 and a half years - 31 March, 2017

The only CentOS versions that are supported are the latest ones in each stream - so 5.10 (5.11 soon), 6.5 and 7.0.1406.


Re: Security issue accessing directories with 750 permission

Post by yuribu » 2014/10/03 11:51:47

Hello TrevorH,

Here is the link to the problem I've previously mentioned:

https://access.redhat.com/solutions/354613

Can you please confirm that it's fixed in CentOS 5.10 x86_64?
Thank you.


Re: Security issue accessing directories with 750 permission

Post by TrevorH » 2014/10/03 14:18:06

No idea, I don't have access to that article.


Re: Security issue accessing directories with 750 permission

Post by yuribu » 2014/10/03 15:05:19

This is the fix for that problem: https://rhn.redhat.com/errata/RHSA-2014-0740.html

Can you or someone else advise if it's included in CentOS 5.10?

Thanks.

gulikoza
Posts: 188
Joined: 2007/05/06 20:15:23

Re: Security issue accessing directories with 750 permission

Post by gulikoza » 2014/10/03 17:16:41

kernel-2.6.18-371.9.1.el5 is part of 5.10 updates and has been superseded by kernel-2.6.18-371.12.1.el5 in 5.10 or kernel-2.6.18-398.el5.src.rpm in 5.11.
