Date: Thu, 7 Oct 1999 08:02:50 +0200 (CEST) From: Alban Hertroys <dalroi@wit401310.student.utwente.nl> To: wsanchez@apple.com Cc: Pat Dirks <pwd@apple.com>, FreeBSD Hackers <FreeBSD-Hackers@freebsd.org> Subject: Re: Apple's planned appoach to permissions on movable filesystems Message-ID: <19991007060251.6D1A71DD0@wit401310.student.utwente.nl> In-Reply-To: <199910070011.RAA00314@scv2.apple.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On 6 Oct, Wilfredo Sanchez wrote: > | I would rather brand the filesystem with the ID of the host. The > | starting situation is an "unmarked" filesystem. If a host detects the > | mounting of an "unmarked" filesystem, it will brand it with it's ID. If > | it detects a filesystem that has an ID that differs from the host's ID, > | it is a foreign filesystem. Seems quite simple to me... > > But then you have to put that information on the disk, and you're > back to trusting the disk. "Um, yeah, I'm local. Trust me." Hmmm... But you can also fake the filesystem ID to be one that was previously known by the system. Just make the filesystem local, put some horrible executables on it, and write back the original idea (if that's at all necessary, I'm still not sure it gets changed in between). The problem is that you write a "unique" ID on the disk. You can read the disk, so you can store that ID and write it back if you do want to harm somebody. Is public key encryption, or something like that, a solution? Or is this not necessary? My .001 cts. -- Alban Hertroys. http://wit401310.student.utwente.nl --- If I had a sig it would be fun. The quest for the Holy Sig has begun. I have not yet a clue, What will you see next issue? To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19991007060251.6D1A71DD0>