Recently we encountered a security issue: we could successfully access a directory with limited permissions.
We have a directory that is mounted from NFS Storage and its permissions are 750 like below:
drwxr-x--- 28 <userowner> <groupowner> 589 Sep 16 15:22 <dir_path>
<groupowner> GID is 237
We have created a new user with UID=3985 and tried accessing this directory and succeeded.
We did packet sniffing and found that this user has membership of auxiliary GID=237, while he IS not a member of that group in NIS or the local group file!
We stopped the NIS/NSCD on that client machine and added the same user locally with the same UID.
NOTE: The 'id -a' output showed that he was not a member of any group besides his main group, which is '101'.
The problem still persisted.
Also the Storage vendor provided us with input that the problem is on the client machine.
Can there be any cache or configuration that we are missing on the client side?
Our spec:
OS: CentOS 5.5 x86_64
NFS: NFSv3
NFS Mount options: nfs rw,vers=3,rsize=131072,wsize=524288,hard,proto=tcp,timeo=600,retrans=2,sec=sys,addr=<storage_address> 0 0
I appreciate any help in how to root cause and resolve this strange behavior.
Thanks.
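
With sec=sys the server authorizes each call from the UID, GID and auxiliary GID list that the client places in the RPC AUTH_SYS credential (RFC 5531), so the sniffed packet can be checked against what 'id -a' reports. The following is an added example, not part of the original post: it decodes that credential from an RPC call message and lists the GIDs the name service does not account for. It assumes the 4-byte TCP record marker has already been stripped, and the sample message and the machine name "client1" are constructed for illustration.

```python
import struct

AUTH_SYS = 1  # RFC 5531 credential flavor used by sec=sys mounts

def build_call(uid, gid, gids, machine=b"client1", prog=100003, vers=3, proc=4):
    """Build a sample NFSv3 RPC call header (constructed data, not a capture)."""
    pad = (4 - len(machine) % 4) % 4
    cred = struct.pack(">II", 0, len(machine)) + machine + b"\0" * pad
    cred += struct.pack(">III", uid, gid, len(gids))
    cred += b"".join(struct.pack(">I", g) for g in gids)
    head = struct.pack(">IIIIII", 0x1234, 0, 2, prog, vers, proc)
    # The trailing pair is an empty AUTH_NONE verifier.
    return head + struct.pack(">II", AUTH_SYS, len(cred)) + cred + struct.pack(">II", 0, 0)

def parse_auth_sys(msg):
    """Return machine name, uid, gid and auxiliary gids from an RPC call."""
    xid, mtype, rpcvers, prog, vers, proc, flavor, clen = struct.unpack_from(">8I", msg, 0)
    if mtype != 0 or rpcvers != 2:
        raise ValueError("not an RPC version 2 call")
    if flavor != AUTH_SYS:
        raise ValueError("credential flavor %d is not AUTH_SYS" % flavor)
    body = msg[32:32 + clen]
    if len(body) != clen or clen > 400:
        raise ValueError("truncated or oversized credential body")
    stamp, nlen = struct.unpack_from(">II", body, 0)
    if nlen > 255:
        raise ValueError("machine name longer than 255 bytes")
    off = 8 + nlen + (4 - nlen % 4) % 4  # XDR strings are padded to 4 bytes
    machine = body[8:8 + nlen].decode("ascii", "replace")
    uid, gid, ngids = struct.unpack_from(">III", body, off)
    if ngids > 16:
        raise ValueError("AUTH_SYS allows at most 16 auxiliary gids")
    gids = list(struct.unpack_from(">%dI" % ngids, body, off + 12))
    return {"machine": machine, "uid": uid, "gid": gid, "gids": gids}

def unexpected_gids(cred, expected):
    """Gids sent on the wire that are not in the set 'id -a' reports."""
    return sorted(set([cred["gid"]] + cred["gids"]) - set(expected))

if __name__ == "__main__":
    # Values from the post: UID 3985, main group 101, directory group 237.
    cred = parse_auth_sys(build_call(3985, 101, [101, 237]))
    print(cred, "unexpected:", unexpected_gids(cred, {101}))
```

A GID that shows up here but not in 'id -a' was attached on the client before the call left the machine, which is consistent with the vendor's statement that the server only acts on what it receives.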