Date: Sun, 9 Nov 1997 22:35:55 -0500 From: Mark Mayo <mark@vmunix.com> To: Julian Elischer <julian@whistle.com> Cc: hackers@freebsd.org Subject: Re: How useful is this patch? Message-ID: <19971109223555.49470@vmunix.com> In-Reply-To: <Pine.BSF.3.95.971109170848.5649B-100000@current1.whistle.com>; from Julian Elischer on Sun, Nov 09, 1997 at 05:23:10PM -0800 References: <199711092315.PAA27471@implode.root.com> <Pine.BSF.3.95.971109170848.5649B-100000@current1.whistle.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sun, Nov 09, 1997 at 05:23:10PM -0800, Julian Elischer wrote: > of course, > but who said that you have to enable it in you HOME directory? > We want to do this in users 'dropbox' directories > which is not the same as their ho,e directories. > without it there is a never-ending set of complaints about > permissions, and the admin spends a lot of time removing files for users. > As is indicated.. this is implemented as a mount option (default off) > and the directory in question must have the bit set.. > it isn't likely to happen by accident. > We can keep it as a WHISTLE-ONLY mod here, but I thought > I'd see if anyone else wants it.. > I'd rather have it in the general sources than proprietary, > but That's a decision that's beyond me to make.. > (i.e. yours). Personally, I think it would be very useful. It's a situation typical in SMB/Appletalk environments... As long as it's off by default, I don't see a problem. These servers tend to be non-typical Unix boxes anyhow, where users generally don't log in -- they're just using it as a file server. Hell, prevent logins all together - that's what NT basically does (no executable content on the server, just files and printers..). Of course, what we're really looking for here are ACLs.. -Mark > > > On Sun, 9 Nov 1997, David Greenman wrote: > > > >As Julian Elischer wrote: > > > > > >> if a mount option is specified, then setting the SUID bit > > >> on a directory specifies similar inheritance with UIDS as we > > >> presently have with GIDs. > > > > > >As long as it's a mount option (defaulting to off), i think i could > > >live with it. > > > > > >> The SUID bits are hereditary to child directories, and > > >> a file 'given away' in this manner > > >> 1/ cannot be give n to root (would defeat quotas) > > >> 2/ has the execute bits stripped off (and suid) > > > > > >Problem: you can cause someone else a DoS attack by maliciously > > >filling his home directory. > > It doesn't make any differnce about who can write to the directory. > it just changes who OWNS it. > the previous behaviour is more of a DOS attack because > the user may not be able to DELETE things that are owned by others. > > The user can now just delete it. > > > > > > >(I didn't review the patch itself, so i explicitly don't comment on > > >stylistic etc. bugs. Make sure the style adhers to the requirements > > >of style(9).) > > > > You could also create a .rhosts file, allowing anyone to log in as the > > user. You could also create a variety of other files like .tcshrc if it > > didn't already exist and the user's shell was tcsh (and similar other login > > scripts with other shells), or various X resource files if the user might > > start X apps. The list goes on and on. I think it sounds like a major > > security hole for just about anyone who enables it. > How many of these check the owner now? > .rhosts is a security hole anyhow, > and in any case I think that doing this on a home directory would be > foolish. > > it doesn't change who CAN write, just who ends up owning the file.. > I certainly don't think it should be default anywhere. We want it for the > thousands of > 'unwitting' FreeBSD users we have, using it through SAMBA and Netatalk. > > julian > > > > -DG > > > > David Greenman > > Core-team/Principal Architect, The FreeBSD Project > > -- ------------------------------------------------------------------------ Mark Mayo mark@vmunix.com RingZero Comp. http://www.vmunix.com/mark finger mark@vmunix.com for my PGP key and GCS code ------------------------------------------------------------------------ Win95/NT - 32 bit extensions and a graphical shell for a 16 bit patch to an an 8 bit operating system originally coded for a 4 bit microprocessor, written by a 2 bit company that can't stand 1 bit of competition. -UGU
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19971109223555.49470>