bug-hurd
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: feature-mtab-translator (v3)


From: Neal H. Walfield
Subject: Re: feature-mtab-translator (v3)
Date: Mon, 22 Jul 2013 17:36:54 +0200
User-agent: Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (Goj┼Ź) APEL/10.8 Emacs/23.2 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO)

At Fri, 19 Jul 2013 18:04:47 +0200,
Justus Winter wrote:
> My personal preference would be to run the translator on /proc/mounts
> as unprivileged user created solely for this purpose by default. It's
> up to the system administrator to change that if he wishes. I know
> it's not as magically as it could be if the mtab translator would
> impersonate the requesting user, but then again, this is no problem of
> the RPC procedure or the server side implementation of it.

The translator should never impersonate the user.  At most it should
mediate access.  If more authority is needed, the client should
interact directly with the translator in question.  This can be done
by having the mediator return an unauthenticated port.  Anything else
will request in the confused deputy and a huge attack surface.

Neal



reply via email to

[Prev in Thread] Current Thread [Next in Thread]