Date:	Wed, 15 Aug 2007 10:02:29 -0700 (PDT)
From:	Marc Perkel <mperkel@...oo.com>
To:	alan <alan@...eserver.org>
Cc:	linux-kernel@...r.kernel.org
Subject: Re: Thinking outside the box on file systems


--- alan <alan@...eserver.org> wrote:

> On Tue, 14 Aug 2007, Marc Perkel wrote:
>
> > For example. If you list a directory you only see the
> > files that you have some rights to and files where you
> > have no rights are invisible to you. If a file is read
> > only to you then you can't delete it either. Having
> > write access to a directory really means that you have
> > file create rights. You can also delete files that you
> > have write access to. You would also allocate
> > permissions to manage file rights like being able to
> > set the rights of inferior users.
>
> Imagine the fun you will have trying to write a file name and being told
> you cannot write it for some unknown reason. Unbeknownst to you, there is
> a file there, but it is not owned by you, thus invisible.
>
> Making a file system more user oriented would avoid little gotchas like
> this.  The reason it is "programmer oriented" is that those are the people
> who have worked out why it works and why certain things are bad ideas.
>

That's not a problem - it's a feature. In such a
situation the person would get a general file creation
error. Although it isn't likely people would structure
files with invisible files in directories that the
user has create permissions it is logical that if I
put a file in a place where the user has no rights I
want it to stay there. Currently the user can delete
files where they have no rights.

I might also want to restrict the kind of file a user can
create or give permission to create only certain file
names.

/etc/vz/conf/*.conf - create - readonly - self-rw
/etc/vz/conf - deny 

This would allow the user to read all *.conf files,
create new *.conf files, and full permissions to
read/write/delete files that the user created but not
files that others created. If listing a directory then
only the *.conf files would appear even if other files
are in the directory.


Marc Perkel
Junk Email Filter dot com
http://www.junkemailfilter.com
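
The two-rule example from the message above, modelled in user space as an added example (not part of the original post and not kernel code). The names `RULES` and `Dir`, the first-match-wins ordering, the reading of `create` / `readonly` / `self-rw` taken from the message's own description, and the sample file names are all assumptions made for illustration.

```python
import fnmatch
import posixpath

# Rules transcribed from the message; first matching pattern wins (assumption).
RULES = [
    ("/etc/vz/conf/*.conf", {"create", "readonly", "self-rw"}),
    ("/etc/vz/conf/*", set()),  # "/etc/vz/conf - deny": everything else
]

class Dir:
    """Toy directory (hypothetical model): file name -> user who created it."""

    def __init__(self, path, files):
        self.path, self.files = path, dict(files)

    def _rights(self, name):
        full = posixpath.join(self.path, name)
        for pattern, rights in RULES:
            if fnmatch.fnmatchcase(full, pattern):
                return rights
        return set()  # no rule at all: no rights

    def allowed(self, user, name, op):
        rights = self._rights(name)
        if op == "create":
            return "create" in rights
        mine = "self-rw" in rights and self.files.get(name) == user
        if op == "read":
            return name in self.files and ("readonly" in rights or mine)
        return mine  # write and delete need self-rw on a file the user created

    def listing(self, user):
        # Files the user has no rights to are simply not shown.
        return sorted(n for n in self.files if self.allowed(user, n, "read"))

    def create(self, user, name):
        # One generic error whether the name is disallowed or already taken,
        # as the message describes for a collision with an invisible file.
        if name in self.files or not self.allowed(user, name, "create"):
            raise PermissionError("file creation error")
        self.files[name] = user

    def delete(self, user, name):
        if not self.allowed(user, name, "delete"):
            raise PermissionError("operation not permitted")
        del self.files[name]
```

With a constructed directory holding `101.conf` and `secret.key`, both created by root, a second user sees only `101.conf`, can create and later delete a `102.conf` of their own, and cannot delete `101.conf`.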


       