[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <121831.55601.qm@web52502.mail.re2.yahoo.com>
Date: Wed, 15 Aug 2007 10:51:02 -0700 (PDT)
From: Marc Perkel <mperkel@...oo.com>
To: Michael Tharp <gxti@...tiallystapled.com>
Cc: alan <alan@...eserver.org>, linux-kernel@...r.kernel.org
Subject: Re: Thinking outside the box on file systems
--- Michael Tharp <gxti@...tiallystapled.com> wrote:
> Marc Perkel wrote:
> > That not a problem - it's a feature. In such a
> > situation the person would get a general file
> creation
> > error.
>
> Feature or not, it's still vulnerable to probing by
> malicious users. If
> there are create permissions on the directory, the
> invisibility is not
> perfect.
In a real world situation I would think that users
probing for invisible files is more secure that users
knowing the names of files that they have no access
to.
>
> > Although it isn't likely people would structure
> > files with invisible files in directories that the
> > user has create permissions [...]
>
> ... /tmp ...
You're still thinking inside the box. Let's take the
tmp directory for example. /tmp wpuld probably g away
in favor of persomal /tmp directories. As we all know,
/tmp is the source of a lot of vulnerabilities.
One might put a name translation mask on the /tmp name
in the file name translation system. For example:
/tmp -> my /tmp
Thus files written to /tmp would become /mperkel/tmp
and users wouldn't be able to see other users /tmp
files or have any name conflicts.
Let me explain about the concept of thinking outside
the box. If you run into a problem you figure out a
new solution. It's about finding ways to make things
work rather than finding ways to make things not work.
So - we are not only talking about a name permission
system but a file name translation system. Thus a
user's view of the file system might not be the same
for all users. In fact, let's say that mperkel is a
Windows user and is just attacking to Linus as a file
system. Because mperkel is in the windows group the
file system appears as h:\home\mperkel on a native
Linux level and mounts are drive letters. It would use
a Windows name translation mask program that would be
part of the permission/naming system.
Marc Perkel
Junk Email Filter dot com
http://www.junkemailfilter.com
____________________________________________________________________________________
Sick sense of humor? Visit Yahoo! TV's
Comedy with an Edge to see what's on, when.
http://tv.yahoo.com/collections/222
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists