This is the mail archive of the
libc-alpha@sourceware.org
mailing list for the glibc project.
Security impact of nscd and NSS module bugs (particularly NIS)
- From: Florian Weimer <fweimer at redhat dot com>
- To: GNU C Library <libc-alpha at sourceware dot org>
- Date: Thu, 03 Jul 2014 14:30:38 +0200
- Subject: Security impact of nscd and NSS module bugs (particularly NIS)
- Authentication-results: sourceware.org; auth=none
It's quite difficult to for me to determine the security impact of bugs
in ncsd. We have quite a few crashers under heavy load (threading
issues, cache size leading to stack overflows etc.). What's the
real-world impact of an nscd crash? Is there a functionality impact if
in-process NSS modules are used? (Let's ignore broken modules such as
the the old nss_ldap module.)
The other difficulty in this area is NIS. If we have a buffer overflow
in processing data from NIS, is this a security bug? As far as I can
tell, NIS is mostly used for accounts, so a malicious server could just
serve an account with UID=0, so it's not obvious me that a trust
boundary is crossed (which is required for a security vulnerability).
PS: Our friendly Bugzilla admins disabled notifications for security-
transactions. Thanks!
--
Florian Weimer / Red Hat Product Security