lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Wed, 16 May 2012 10:25:25 +0300
From:	Boaz Harrosh <bharrosh@...asas.com>
To:	NeilBrown <neilb@...e.de>, Jan Kara <jack@...e.cz>
CC:	Ludwig Nussel <ludwig.nussel@...e.de>,
	<linux-kernel@...r.kernel.org>, <linux-fsdevel@...r.kernel.org>,
	Rob Landley <rob@...dley.net>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Andreas Dilger <adilger.kernel@...ger.ca>,
	"Theodore Ts'o" <tytso@....edu>,
	EXT2 FILE SYSTEM <linux-ext4@...r.kernel.org>,
	DOCUMENTATION <linux-doc@...r.kernel.org>
Subject: Re: [PATCH RESEND] implement uid and gid mount options for ext2,
 ext3 and ext4

On 05/15/2012 02:15 AM, NeilBrown wrote:

> On Fri, 11 May 2012 18:31:35 +0300 Boaz Harrosh <bharrosh@...asas.com> wrote:
> 
>> On 05/11/2012 06:49 AM, Roland Eggner wrote:
>>


Neil && Jan.

As I  said in my last mail:
	"Shared files" problem is not solved by mount options.

For me this is just a UNIX new-be 101 problem. You need to
share files with friends you make the mistake once. Then
you learn and you go on. It's a none problem.

Your removable media thing is just your "shared folder"
on a UNIX system. Deal with it. Da

Or go degrade your FS to vfat security. You are reluctant
to chmod all files to be world/group writeable but you
are doing just that with your mount option. Perhaps
when the chmod -R will scroll through you'd realize
that the passwords file you should remove. The POSIX
permissions are just for that purpose. "I set access
control at creation. Else slave to change them". The
mount option they specifically left out, not because
they were not clever, but because you don't want it.

BTW NTFS is like UNIX. If written in the right user-private
permissions you can't read them. Even admin. You can only chown
them.

BTW Neil with Kerberos auth in an NFS/CIFS shared device
like you mentioned, then a uid/gid is already associated
with the access automatically. It's a perfect IDEA for
these device makers. They need develop nothing only set it
up with the same NFS / SAMBA implementations they already
use.

And one last thing Neil. Yes an rm is a perfect rope
for an admin to hang itself, but it is not aimed at
auto-mounter scripts

I can't believe I got dragged into this again.

:-(
Boaz

--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists