The default /etc/fstab mounts the shared memory filesystem with the 'defaults' argument, leaving the system in a vulnerable state. From the Gentoo Linux/x86 Handbook (http://www.gentoo.org/doc/en/handbook/handbook-x86.xml):

Code Listing 5: A full /etc/fstab example

    /dev/hda1   /boot     ext2    noauto,noatime  1 2
    /dev/hda2   none      swap    sw              0 0
    /dev/hda3   /         ext3    noatime         0 1
    none        /proc     proc    defaults        0 0
    none        /dev/shm  tmpfs   defaults        0 0

Reproducible: Always

Steps to Reproduce:
1. Allow a user to upload a root-kit to the system.
2. The user mv's the root-kit to /dev/shm, un-tar's the root-kit.
3. The user un-tar's the root-kit.
4. The user executes the root-kit.

Actual Results:
The user (effectively) 'owns' the box.

Expected Results:
The weaknesses of the shared memory filesystem seem to be well enough known by the security community that this should be addressed in ALL Gentoo documentation but ESPECIALLY in the Security Guide, e.g., the Gentoo Linux/x86 Handbook (http://www.gentoo.org/doc/en/handbook/handbook-x86.xml).
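The report's point is that a world-writable tmpfs mounted with plain `defaults` allows files placed there to be executed and lets device nodes and setuid binaries live there. The script below is an added example, not code from the bug report or from Gentoo's baselayout: it audits fstab text for tmpfs entries that lack the `nodev`, `noexec` and `nosuid` restrictions and emits the corrected entry. The two fstab samples are constructed from the handbook listing quoted above, and the inclusion of `nosuid` alongside the `nodev`/`noexec` pair is this example's choice, not something the report names.

```shell
#!/bin/sh
# Added example, not from the bug report or Gentoo's baselayout: audit fstab
# text for tmpfs mounts (such as /dev/shm) that lack the nodev, noexec and
# nosuid mount options, and produce the hardened entry for any offender.

# Constructed sample: the handbook listing quoted in the report, where
# /dev/shm is mounted with plain "defaults".
WEAK_FSTAB='/dev/hda1 /boot ext2 noauto,noatime 1 2
/dev/hda2 none swap sw 0 0
/dev/hda3 / ext3 noatime 0 1
none /proc proc defaults 0 0
none /dev/shm tmpfs defaults 0 0'

# Constructed sample: the same table with the tmpfs line restricted.
HARDENED_FSTAB='/dev/hda1 /boot ext2 noauto,noatime 1 2
/dev/hda2 none swap sw 0 0
/dev/hda3 / ext3 noatime 0 1
none /proc proc defaults 0 0
none /dev/shm tmpfs nodev,noexec,nosuid 0 0'

# Options every world-writable tmpfs should carry (nosuid is added here as
# the usual companion to the nodev/noexec pair the report discusses).
WANTED_OPTS="nodev noexec nosuid"

# check_tmpfs_opts FSTAB_TEXT
# Prints "<mountpoint> ok" or "<mountpoint> missing: <opts>" for every tmpfs
# entry. Returns 0 if all tmpfs entries are restricted, 1 otherwise.
check_tmpfs_opts() {
    rc=0
    while read -r dev mnt fstype opts rest; do
        case "$dev" in ''|\#*) continue ;; esac   # skip blank lines and comments
        [ "$fstype" = "tmpfs" ] || continue
        missing=""
        for want in $WANTED_OPTS; do
            case ",$opts," in
                *",$want,"*) ;;
                *) missing="$missing $want" ;;
            esac
        done
        if [ -n "$missing" ]; then
            printf '%s missing:%s\n' "$mnt" "$missing"
            rc=1
        else
            printf '%s ok\n' "$mnt"
        fi
    done <<EOF
$1
EOF
    return $rc
}

# harden_tmpfs_entry LINE
# Returns the fstab line with any missing restriction appended to its options
# field; lines for other filesystem types pass through unchanged.
harden_tmpfs_entry() {
    line=$1
    set -f            # disable globbing while the line is word-split
    set -- $line
    set +f
    if [ "$#" -lt 4 ] || [ "$3" != "tmpfs" ]; then
        printf '%s\n' "$line"
        return 0
    fi
    opts=$4
    for want in $WANTED_OPTS; do
        case ",$opts," in
            *",$want,"*) ;;
            *) opts="$opts,$want" ;;
        esac
    done
    printf '%s %s %s %s %s %s\n' "$1" "$2" "$3" "$opts" "${5:-0}" "${6:-0}"
}

# Usage: audit the table and, if it fails, print the corrected lines.
# Runs against the constructed weak sample so the example works offline;
# pass "$(cat /etc/fstab)" to audit a live system.
check_tmpfs_opts "$WEAK_FSTAB" || printf '%s\n' "$WEAK_FSTAB" | while read -r l; do
    harden_tmpfs_entry "$l"
done
```

Against the weak sample the audit reports `/dev/shm missing: nodev noexec nosuid` and the fix-up pass rewrites that one entry to `none /dev/shm tmpfs defaults,nodev,noexec,nosuid 0 0`, leaving the other filesystems untouched; the hardened sample passes cleanly. Changes to a live /etc/fstab take effect on the next mount, so a `mount -o remount` of the tmpfs is needed for a running system.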
I'm thinking of changing the default fstab in baselayout to use nodev/noexec/etc...
fixed in cvs