From owner-freebsd-hackers  Wed Oct  6 23: 2:52 1999
Delivered-To: freebsd-hackers@freebsd.org
Received: from wit401310.student.utwente.nl (wit401310.student.utwente.nl [130.89.236.150])
	by hub.freebsd.org (Postfix) with ESMTP id 749F214F83
	for <FreeBSD-Hackers@freebsd.org>; Wed,  6 Oct 1999 23:02:49 -0700 (PDT)
	(envelope-from dalroi@wit401310.student.utwente.nl)
Received: from wit401310.student.utwente.nl (localhost [127.0.0.1])
	by wit401310.student.utwente.nl (Postfix) with ESMTP
	id 6D1A71DD0; Thu,  7 Oct 1999 08:02:51 +0200 (CEST)
Date: Thu, 7 Oct 1999 08:02:50 +0200 (CEST)
From: Alban Hertroys <dalroi@wit401310.student.utwente.nl>
Subject: Re: Apple's planned appoach to permissions on movable filesystems
To: wsanchez@apple.com
Cc: Pat Dirks <pwd@apple.com>,
	FreeBSD Hackers <FreeBSD-Hackers@freebsd.org>
In-Reply-To: <199910070011.RAA00314@scv2.apple.com>
MIME-Version: 1.0
Content-Type: TEXT/plain; CHARSET=US-ASCII
Message-Id: <19991007060251.6D1A71DD0@wit401310.student.utwente.nl>
Sender: owner-freebsd-hackers@FreeBSD.ORG
Precedence: bulk
X-Loop: FreeBSD.ORG

On  6 Oct, Wilfredo Sanchez wrote:
> | I would rather brand the filesystem with the ID of the host. The
> | starting situation is an "unmarked" filesystem. If a host detects the 
> | mounting of an "unmarked" filesystem, it will brand it with it's ID. If 
> | it detects a filesystem that has an ID that differs from the host's ID, 
> | it is a foreign filesystem. Seems quite simple to me...
> 
>   But then you have to put that information on the disk, and you're  
> back to trusting the disk.  "Um, yeah, I'm local. Trust me."

Hmmm... But you can also fake the filesystem ID to be one that was
previously known by the system. Just make the filesystem local, put
some horrible executables on it, and write back the original idea (if
that's at all necessary, I'm still not sure it gets changed in between).

The problem is that you write a "unique" ID on the disk. You can read
the disk, so you can store that ID and write it back if you do want to
harm somebody. Is public key encryption, or something like that, a
solution? Or is this not necessary?

My .001 cts.

-- 
Alban Hertroys.
http://wit401310.student.utwente.nl
---
If I had a sig it would be fun.
The quest for the Holy Sig has begun.
I have not yet a clue,
What will you see next issue?



To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-hackers" in the body of the message