Nfs -- root privs

Jeff Beadles jeff at tekcsc.MKT.TEK.COM
Wed Feb 1 20:46:16 AEST 1989


In article <695 at blake.acs.washington.edu> mtsu at blake.UUCP (Montana State) writes:
>
>
>I have 4 mVAXen hooked together, and I'm using a lot of NFS serving to
>provicde home directories and all that crap.  I'm running Ultrix 2.3
>on all nodes, I'm not running YP.  What I want to do is to be able to sit
>as root on caesar, and modify files on the other machines.  This used to
>work uder Ultrix 2.0, there was a procedure to change the value of the
>kernel variable nobody to 0 rather than -2.  It don't seem to work under 2.3
>...  I tried changing the nobody passwd entry to 0:0 for UID and GID, and that
>didn't work either.  Any suggestions??
>
>Replies to icsu6000 at caesar.cs.montana.edu or utah-gr!mts-cs!icsu6000 if these
>questions are too basic.


Well, it's a little more involved than that.  Here's how to do it. 
(First, a disclaimer...)

	TEKTRONIX DOES NOT SUPPORT THIS MODIFICATION.

===============================================================================

Unsupported modification to change kernel's idea of who root should be when
traversing an NFS mountpoint.  This is a security problem, if implimented.


ON SERVER MACHINE
--------------------------------------------------------
cd /				# move to root directory

cp vmunix vmunix.old		# make copy of vmunix

adb -w /vmnix /dev/kmem		# invoking adb	

nobody/D			# should say -2

nobody/W 0			# should say _nobody: 0xfffffffe = 0x0

nobody/D			# should say 0

$w				# write

$q				#quit

Then, reboot with the new kernel.
================================================================================



More information about the Comp.unix.wizards mailing list