Date:	Wed, 16 May 2012 10:25:25 +0300
From:	Boaz Harrosh <bharrosh@...asas.com>
To:	NeilBrown <neilb@...e.de>, Jan Kara <jack@...e.cz>
CC:	Ludwig Nussel <ludwig.nussel@...e.de>,
	<linux-kernel@...r.kernel.org>, <linux-fsdevel@...r.kernel.org>,
	Rob Landley <rob@...dley.net>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Andreas Dilger <adilger.kernel@...ger.ca>,
	"Theodore Ts'o" <tytso@....edu>,
	EXT2 FILE SYSTEM <linux-ext4@...r.kernel.org>,
	DOCUMENTATION <linux-doc@...r.kernel.org>
Subject: Re: [PATCH RESEND] implement uid and gid mount options for ext2,
 ext3 and ext4

On 05/15/2012 02:15 AM, NeilBrown wrote:

> On Fri, 11 May 2012 18:31:35 +0300 Boaz Harrosh <bharrosh@...asas.com> wrote:
> 
>> On 05/11/2012 06:49 AM, Roland Eggner wrote:
>>


Neil && Jan.

As I said in my last mail:
	"Shared files" problem is not solved by mount options.

For me this is just a UNIX newbie 101 problem. You need to
share files with friends, you make the mistake once. Then
you learn and you go on. It's a non-problem.

Your removable media thing is just your "shared folder"
on a UNIX system. Deal with it. Da

Or go degrade your FS to vfat security. You are reluctant
to chmod all files to be world/group writeable but you
are doing just that with your mount option. Perhaps
when the chmod -R will scroll through you'd realize
that the passwords file you should remove. The POSIX
permissions are just for that purpose. "I set access
control at creation. Else slave to change them". The
mount option they specifically left out, not because
they were not clever, but because you don't want it.

BTW NTFS is like UNIX. If written in the right user-private
permissions you can't read them. Even admin. You can only chown
them.

BTW Neil with Kerberos auth in an NFS/CIFS shared device
like you mentioned, then a uid/gid is already associated
with the access automatically. It's a perfect IDEA for
these device makers. They need to develop nothing, only set it
up with the same NFS / SAMBA implementations they already
use.

And one last thing Neil. Yes an rm is a perfect rope
for an admin to hang itself, but it is not aimed at
auto-mounter scripts

I can't believe I got dragged into this again.

:-(
Boaz
