bug-hurd

Re: suid binaries on a user mounted file system


From: Thomas Bushnell, BSG
Subject: Re: suid binaries on a user mounted file system
Date: 07 May 2001 18:39:48 -0700
User-agent: Gnus/5.0803 (Gnus v5.8.3) Emacs/20.7

Roland McGrath <roland@frob.com> writes:

> > It has occurred to me: should suid binaries on a user mounted file system
> > be run as the owner of the filesystem?
> 
> Yes, probably.  Moreover, what it means to get the auth port for running a
> setuid binary should be the very same thing it means to get the auth port
> for running a translator.

No; they should default to nobody if they can't get the assigned IDs.
What should really happen... see below

> I think the reasonable thing to do is something like, try an auth_makeauth
> literally as requested; if that fails, try replacing the ids with the
> filesystem process's or underlying node's ids.

I think this is bad; it assumes that "setuid" means "get as many privs
as possible".

What should happen, of course, is the long-awaited "intersection"
models of getauth, where setuid on a non-root filesystem gives you an
auth port that represents the logical intersection of the two sets of
permissions.  
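
The three policies discussed in this message, compared in a toy model. This is an added example, not part of the original post and not Hurd code. It assumes the "two sets of permissions" are those of the id the binary requests and those of the filesystem's owner, that only a root-owned filesystem can make arbitrary ids, and that access follows a simplified Unix read check; all uids, files and function names are constructed.

```c
#include <stdbool.h>
#include <stdio.h>

/* Toy model, not Hurd code. Uids and files below are constructed samples. */
enum { ROOT = 0, ALICE = 1000, BOB = 1001, NOBODY = 65534 };
struct file { unsigned owner; bool other_read; };
static const struct file ALICE_PRIVATE = { ALICE, false };
static const struct file BOB_PRIVATE   = { BOB,   false };
static const struct file WORLD_READ    = { ROOT,  true  };

/* Simplified Unix-style read check for one uid (assumption: root bypasses). */
static bool may_read(unsigned uid, const struct file *f) {
    return uid == ROOT || uid == f->owner || f->other_read;
}
/* A credential holding two identities; access needs BOTH to be allowed.
   With a == b this is an ordinary single-uid credential. */
struct cred { unsigned a, b; };
static bool cred_may_read(struct cred c, const struct file *f) {
    return may_read(c.a, f) && may_read(c.b, f);
}
/* Assumption: a filesystem owner can make only its own id, unless it is root. */
static bool can_make(unsigned want, unsigned fs_owner) {
    return fs_owner == ROOT || fs_owner == want;
}
/* Fallback: if the requested id cannot be made, substitute the fs owner's. */
static struct cred policy_fallback(unsigned want, unsigned fs_owner) {
    unsigned u = can_make(want, fs_owner) ? want : fs_owner;
    return (struct cred){ u, u };
}
/* Default to nobody when the requested id cannot be made. */
static struct cred policy_nobody(unsigned want, unsigned fs_owner) {
    unsigned u = can_make(want, fs_owner) ? want : NOBODY;
    return (struct cred){ u, u };
}
/* Intersection: only what both the requested id and the fs owner may do. */
static struct cred policy_intersection(unsigned want, unsigned fs_owner) {
    return (struct cred){ want, fs_owner };
}
int main(void) {
    /* A setuid-bob binary on a filesystem mounted by alice. */
    struct cred c[3] = { policy_fallback(BOB, ALICE), policy_nobody(BOB, ALICE),
                         policy_intersection(BOB, ALICE) };
    const char *name[3] = { "fallback", "nobody", "intersection" };
    for (int i = 0; i < 3; i++)
        printf("%-12s alice_private=%d bob_private=%d world=%d\n", name[i],
               cred_may_read(c[i], &ALICE_PRIVATE),
               cred_may_read(c[i], &BOB_PRIVATE),
               cred_may_read(c[i], &WORLD_READ));
    return 0;
}
```

In this model the fallback policy lets the setuid-bob binary read alice's private file, while the intersection credential can read neither private file and still reads the world-readable one.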
