Note: This is an archival copy of Security Sun Alert 200184 as previously published on http://sunsolve.sun.com.
Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1000138.1.
Article ID : 1000138.1
Article Type : Sun Alerts (SURE)
Last reviewed : 2010-01-24
Audience : PUBLIC
Copyright Notice: Copyright © 2010, Oracle Corporation and/or its affiliates.

Sparse Files Written to Shared Sun StorEdge QFS or Sun StorEdge SAM-QFS File Systems May Contain Deleted File Content



Category
Security

Release Phase
Resolved

Bug Id
4835558

Date of Workaround Release
01-JUL-2004

Date of Resolved Release
07-Apr-2008


1. Impact

On Sun systems which use a shared Sun StorEdge QFS file system (as included in the Sun StorEdge Performance Suite) or a Sun StorEdge SAM-QFS file system (as included in the Sun StorEdge Utilization Suite), local unprivileged users may be able to view the contents of deleted files inside sparse files. The deleted files may contain sensitive information which would not normally be accessible to unprivileged users.

Note: This issue affects Sun QFS and SAM-FS shared file systems only. For more information on sparse files, see InfoDoc 77183.


2. Contributing Factors

This issue can occur in the following releases:

SPARC Platform

  • Utilization Suite 4.0 with Sun SAM-FS (for Solaris 8)
  • Utilization Suite 4.0 with Sun SAM-FS (for Solaris 9)
  • Performance Suite 4.0 with Sun QFS (for Solaris 8)
  • Performance Suite 4.0 with Sun QFS (for Solaris 9)
  • Utilization Suite 4.1 with Sun SAM-FS (for Solaris 8)
  • Utilization Suite 4.1 with Sun SAM-FS (for Solaris 9)
  • Performance Suite 4.1 with Sun QFS (for Solaris 8)
  • Performance Suite 4.1 with Sun QFS (for Solaris 9)

Notes:

  1. Solaris on the x86 platform is not affected.
  2. Sun QFS and SAM-FS shared file systems are not supported on the Solaris 7 platform.

This issue only occurs when a sparse file is written directly on a shared QFS client or written on an NFS client which has mounted a shared QFS filesystem from a shared QFS client. User applications or programs that generate these sparse (holey) files on shared QFS client systems by seeking ahead (or back), then writing data, will encounter this issue.

To determine if a file system is running in shared mode, look for the "shared" keyword in the host's "/etc/opt/SUNWsamfs/mcf" file (which is used by both the "SUNWqfs" and the "SUNWsamfs" packages).
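The check described above can be scripted. The following is an added example, not part of the original Sun Alert. It assumes the mcf uses whitespace-separated fields with `#` starting a comment, the family set name in the fourth field, and the "shared" keyword appearing after it. The sample mcf content and device paths are constructed.

```shell
#!/bin/sh
# Added example (not from the Sun Alert): list the file systems that carry the
# "shared" keyword in a Sun QFS / SAM-QFS mcf file.
# Assumptions: fields are whitespace-separated, '#' starts a comment, the
# family set name is field 4, and "shared" appears as its own field after it.

MCF=/etc/opt/SUNWsamfs/mcf    # path given in the advisory

# shared_family_sets [FILE]: print one family set name per line for every mcf
# entry whose trailing fields contain the exact keyword "shared".
# Reads standard input when no FILE is given.
shared_family_sets() {
    awk '
        { sub(/#.*/, "") }                 # strip comments so they never match
        NF < 5 { next }                    # blank line or no trailing fields
        {
            for (i = 5; i <= NF; i++)
                if ($i == "shared") { print $4; next }
        }
    ' "$@" | sort -u
}

# sample_mcf: constructed sample input (device paths and names are made up).
sample_mcf() {
    cat <<'EOF'
# Constructed sample; the word shared in this comment must not match
sharefs1            10  ma  sharefs1  on  shared
/dev/dsk/c1t0d0s0   11  mm  sharefs1  on
/dev/dsk/c1t1d0s0   12  mr  sharefs1  on
qfs2                20  ms  qfs2      on
/dev/dsk/c2t0d0s0   21  md  qfs2      on
EOF
}

# Use the real mcf when it is readable, otherwise fall back to the sample.
if [ -r "$MCF" ]; then
    shared_family_sets "$MCF"
else
    sample_mcf | shared_family_sets
fi
```

Any name it prints identifies a file system running in shared mode, which is the configuration this alert applies to.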

Use either of the following commands to determine the Sun QFS or Sun SAM-FS version:

    % pkginfo -l SUNWqfs
    PKGINST:  SUNWqfs
    NAME:  Sun QFS Solaris 2.9
    CATEGORY:  system
    ARCH:  sparc
    VERSION:  4.0.5,REV=5.8.2002.07.29

    % pkginfo -l SUNWsamfs
    PKGINST:  SUNWsamfs
    NAME:  Sun SAM-FS and Sun SAM-QFS software Solaris 2.8
    CATEGORY:  system
    ARCH:  sparc
    VERSION:  4.0.5,REV=5.8.2002.07.29

Note: For more details please see the "Sun QFS, Sun SAM-FS, and Sun SAM-QFS File System Administrator's Guide".


3. Symptoms

For sparse files generated on the shared QFS client, data that is read from these files on either shared QFS clients or the shared QFS metadata server will contain information from whatever disk blocks happened to be associated with the file, and the file will appear corrupt. (There is actually no loss of written data.)


4. Workaround

The workaround is to not write sparse files from shared QFS client systems. Alternatively, sharing data out from the shared QFS metadata server via NFS should be considered. File security issues may require moving sensitive information from shared QFS to standard UFS(7FS) filesystems.


5. Resolution

There are no further updates planned for this Sun Alert document. If you need additional assistance regarding this issue, please contact Sun Services.


This Sun Alert notification is being provided to you on an "AS IS"
basis. This Sun Alert notification may contain information provided by
third parties. The issues described in this Sun Alert notification may
or may not impact your system(s). Sun makes no representations,
warranties, or guarantees as to the information contained herein. ANY
AND ALL WARRANTIES, EXPRESS OR IMPLIED, INCLUDING WITHOUT LIMITATION
WARRANTIES OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE, OR
NON-INFRINGEMENT, ARE HEREBY DISCLAIMED. BY ACCESSING THIS DOCUMENT YOU
ACKNOWLEDGE THAT SUN SHALL IN NO EVENT BE LIABLE FOR ANY DIRECT,
INDIRECT, INCIDENTAL, PUNITIVE, OR CONSEQUENTIAL DAMAGES THAT ARISE OUT
OF YOUR USE OR FAILURE TO USE THE INFORMATION CONTAINED HEREIN. This
Sun Alert notification contains Sun proprietary and confidential
information. It is being provided to you pursuant to the provisions of
your agreement to purchase services from Sun, or, if you do not have
such an agreement, the Sun.com Terms of Use. This Sun Alert
notification may only be used for the purposes contemplated by these
agreements.


Copyright 2000-2008 Sun Microsystems, Inc., 4150 Network Circle, Santa Clara, CA 95054 U.S.A. All rights reserved.


Modification History
07-Apr-2008: no further updates. Resolved

27-OCT-2004
  • Clarifications made on "Impact", "Symptoms", and "Relief/Workaround"
10-AUG-2004
  • Updated to re-release to "Unresolved Public SunSolve"


Product
Sun StorageTek SAM-FS 4.3 Software