Elevate NFS share checking up to l1 from l2
Reelix opened this issue · comments
As it stands, the check for NFS shares is at level 2 - Which is current reserved for information checks more so than critical ones.
linux-smart-enumeration/lse.sh
Lines 816 to 819 in c795112
The thing is that NFS can easily be misconfigured
https://book.hacktricks.xyz/linux-unix/privilege-escalation/nfs-no_root_squash-misconfiguration-pe
I suggest that either this be elevated to level 1, or an additional level 1 / level 0 check be added for cases where the NFS share specifically contains the no_root_squash
permission.
The no_root_squash
definitely needs a level 0. I will probably add also no_all_squash
as a level 1.
Thank you for reporting this.
I am working on it.
Resolved in version 3.4