interesting feature on AMIX..
Steve Warren
swarren at convex.com
Fri Jun 21 07:01:42 AEST 1991
In article <319 at devnull.mpd.tandem.com> lance at mpd.tandem.com (Lance Hartmann) writes:
>In article <1991Jun20.165331.4604 at convex.com> swarren at convex.com (Steve Warren) writes:
>>In article <1991Jun19.204906.19339 at dvorak.amd.com> tim at amd.com (Tim Olson) writes:
>>>File systems should only be mountable by root. Allowing a user to
>>>mount a floppy would be a big security hole.
>>
>>[STUFF DELETED]
>>Every inode would be scanned to make sure that nothing on the floppy violated
>>the privileges of the user. If anything bogus showed up then the system
>>would refuse to mount it....
>>[REMAINDER DELETED]
>
>Forgive my ignorance, but what do you mean by "scanning the inodes"?
Hey, I'm taking my first OS class right now! I can't tell you the nuts &
bolts of how to do it, but I've never written a file system either! But
what do you think fsck does?
> ... I guess
>you could read the raw floppy device, check the super block, etc.
>before mounting, ...
That is what I am talking about.
> ... but is there an EASY, KNOWN way for checking the stat's of the
>raw contents? For example, you'd certainly want to make sure that there
>weren't ANY files with setuid/setgid bits set (particularly, root owned!).
No root-owned files allowed. If the user does not have permission to write
a file as root, then he can't mount a file-system containing root-owned files.
>I know that all the info would be there, but am wondering how easy/difficult
>it would be to do this....
It is simple. Just don't let the user do anything through a mount that he
wouldn't otherwise be allowed to do through a direct creation of a directory
or file.
--
_.
--Steve ._||__
Warren v\ *|
V
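
The pre-mount scan discussed in this post, sketched as an added example (not code from the post or from AMIX): each inode is accepted only if the mounting user could have created it directly without privilege. The `inode_rec` layout, function names and sample values are assumptions, and the rule is generalized to also reject device nodes and files in groups the user does not belong to.

```c
#include <stdio.h>

/* Traditional Unix mode bits (octal), as found in an on-disk inode. */
#define M_IFMT  0170000u
#define M_IFCHR 0020000u
#define M_IFBLK 0060000u
#define M_IFREG 0100000u
#define M_ISUID 0004000u
#define M_ISGID 0002000u

/* Hypothetical decoded inode, as a pre-mount scanner might produce it. */
struct inode_rec { unsigned uid, gid, mode; };

enum verdict { V_OK = 0, V_FOREIGN_OWNER, V_FOREIGN_GROUP, V_DEVICE_NODE };

/* Could this user have created the inode directly, without privilege? */
enum verdict check_inode(const struct inode_rec *in, unsigned user,
                         const unsigned *groups, int ngroups) {
    unsigned type = in->mode & M_IFMT;
    if (type == M_IFBLK || type == M_IFCHR)
        return V_DEVICE_NODE;        /* creating device nodes needs root */
    if (in->uid != user)
        return V_FOREIGN_OWNER;      /* root-owned, or setuid to anyone else */
    for (int i = 0; i < ngroups; i++)
        if (groups[i] == in->gid) return V_OK;
    return V_FOREIGN_GROUP;          /* e.g. setgid to a group the user lacks */
}

/* Index of the first offending inode, or -1 if the volume may be mounted. */
int scan_inodes(const struct inode_rec *tab, int n, unsigned user,
                const unsigned *groups, int ngroups) {
    for (int i = 0; i < n; i++)
        if (check_inode(&tab[i], user, groups, ngroups) != V_OK) return i;
    return -1;
}

int main(void) {
    /* Constructed sample: user 1001, member of groups 1001 and 50. */
    unsigned groups[] = { 1001, 50 };
    struct inode_rec floppy[] = {
        { 1001, 1001, M_IFREG | 0644 },            /* ordinary file      */
        { 1001, 50,   M_IFREG | M_ISGID | 0755 },  /* setgid, own group  */
        { 0,    0,    M_IFREG | M_ISUID | 0755 },  /* setuid root        */
    };
    printf("first rejected inode: %d\n", scan_inodes(floppy, 3, 1001, groups, 2));
    return 0;
}
```
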