lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <200907241223.58220.ludwig.nussel@suse.de>
Date:	Fri, 24 Jul 2009 12:23:57 +0200
From:	Ludwig Nussel <ludwig.nussel@...e.de>
To:	linux-fsdevel@...r.kernel.org
Cc:	Valdis.Kletnieks@...edu, linux-kernel@...r.kernel.org
Subject: Re: [PATCH 0/2] implement uid mount option for ext2 and ext3

Valdis.Kletnieks@...edu wrote:
> On Thu, 23 Jul 2009 13:36:29 +0200, Ludwig Nussel said:
> 
> > The following two patches (for 2.6.31-rc4) therefore implement the
> > uid mount option for ext2 and ext3 to make them actually useful on
> > removable media. My implementation just writes uid 0 to disk for
> > files that are owned by the specified user.
> 
> I'm certain this will end up violating the Principle of Least Surprise.
> 
> For instance - you have UID 500 on 2 systems.  Mount on old system, create a
> file - it's owned by 500.  Take it to a new system, mount it, watch it get
> smashed to 0 because it's owned by "you".  Take it back to the old system, and
> hey, you can't edit your file because it's not owned by 500 anymore...

Yes. However, to actually enable the mapping you have to explicitly
add uid=useruid in the fstab of the new system. So if you know your
uid is the same everywhere just don't do that. Everything behaves as
it does today then. If you use hal for mounting it depends on the
policy files and the GUI whether or not you are allowed to override
that mount option.

> Hint:  This *same exact* problem has been an issue for NFS for at least 25
> years. Might want to think about (a) why Yellow Pages (and later LDAP) was
> developed, and (b) why NFS "root squash" traditionally maps to "nobody" rather
> than a usable UID.

I don't see how that helps us here. Sure, a uid != 0 could be used
for the mapping but which one? The uid of user 'nobody' is not the
same across distros.

cu
Ludwig

-- 
 (o_   Ludwig Nussel
 //\   
 V_/_  http://www.suse.de/
SUSE LINUX Products GmbH, GF: Markus Rex, HRB 16746 (AG Nuernberg)

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ