Monday, 27 November 2023

mtr command

Introduction
The explanation is as follows
The Linux mtr tool, preinstalled with Fedora distributions, runs a complex traceroute combined with ping over the given target, giving us complete information about what path the network infrastructure takes to the target, along with how responsive the nodes in the path are. We can see the typical output in the screenshot above. We have all the hosts on the path from our system to linux.org, and we also have the ping result for each one.

Thursday, 23 November 2023

Network File System - NFS

Introduction
The explanation is as follows
Native file sharing in Linux systems is done with NFS (Network File System). Its purpose? Simple and unique: share files in the network. Its implementation? Single purpose: sharing only. It only allows a shared folder across the network to be mounted as a local file system on a different computer. From there, the local Linux will manage shares like any other file: it’s just another file system, and in the nineties this sufficed.
The explanation is as follows
I have a file on my server that you need, so I configure NFS to publish it and you would use the mount command to load it on your end. Everything looks easy, even trivial.
Meta information
The explanation is as follows
But files you see carry with them important meta information like owner and permissions. How do I tell my file on my server that is configured to answer to a set of users, that it should also work with another set of users found on the computer it's shared with? Normally you don’t. When you share files, you also share the users it will work with. Not so with NFS. For NFS, the single purpose was to allow a computer to mount files from a different computer. Users are somebody else’s problem.
NFS does not care about this. The explanation is as follows
And so my file travelled to your computer with the exact same permissions found on mine. The owner of the file is user 1000? On your computer it would be the same. Is the owner 1000 on my computer radu? Well, what is owner 1000 on yours? I don’t know. And NFS didn’t care either. It was not its responsibility. In practice this meant I could create my own user 1000, mount shares from a different computer and act on those files like they were mine. This is a major security vulnerability, one trivial to exploit and critical in its implications, allowing me to take over foreign files like they were mine.
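
The UID trust described above can be checked on the server side. The following is an added example, not part of the original post or the quoted sources: it parses /etc/exports-style lines and flags exports where the server accepts the numeric UID sent by the client (sec=sys, the default, without all_squash). The sample exports, the function name audit_exports and the finding labels are constructed for illustration.

```python
import re

# Constructed sample /etc/exports content (not from the original page).
SAMPLE_EXPORTS = """\
/srv/projects  192.0.2.0/24(rw,sync)
/srv/public    *(ro,all_squash,anonuid=65534,anongid=65534)
/srv/admin     192.0.2.10(rw,no_root_squash)   # admin workstation
/srv/secure    192.0.2.0/24(rw,sec=krb5p)
"""

def audit_exports(text):
    """Return (path, client, finding) tuples for exports that rely on
    client-asserted identity. Assumes one export per line, unquoted paths."""
    findings = []
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()   # drop comments
        if not line:
            continue
        path, *specs = line.split()
        for spec in specs:
            m = re.fullmatch(r"([^()]*)(?:\((.*)\))?", spec)
            if not m:
                continue
            client = m.group(1) or "*"        # "(opts)" with no host means any host
            opts = set(filter(None, (m.group(2) or "").split(",")))
            # sec= lists allowed flavors; the default is sys (AUTH_SYS).
            sec = next((o[4:] for o in opts if o.startswith("sec=")), "sys")
            if "sys" in sec.split(":") and "all_squash" not in opts:
                # Server applies file permissions to whatever UID the client sends.
                findings.append((path, client, "trusts-client-uid"))
            if "no_root_squash" in opts:
                # UID 0 on the client is treated as root on the server.
                findings.append((path, client, "no-root-squash"))
            if client == "*":
                findings.append((path, client, "any-host"))
    return findings

if __name__ == "__main__":
    for path, client, finding in audit_exports(SAMPLE_EXPORTS):
        print(f"{path:15} {client:15} {finding}")
```

Exports using Kerberos flavors (sec=krb5, krb5i, krb5p) authenticate the user rather than trusting the client's UID, which is why /srv/secure produces no finding.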