[OpenAFS-devel] Re: on sockets and devices in AFS
Andrew Deason
adeason@sinenomine.net
Sat, 18 Sep 2010 23:24:37 +0200
On Thu, 16 Sep 2010 18:07:45 -0400
Steve Simmons <scs@umich.edu> wrote:
> When I attach a USB device or hard drive, I expect it to be local.
> Sharing of local devices is almost never a default. The fact that
> someone attaches their sensitive data to an AFS device name shouldn't
> mean their data is suddenly shared. Least surprise applies, and
> security.
>
> What do acls mean at that point? If I mount something on
> /afs/.../scs/dev/hda3 and the acls for my account say it's publicly
> readable, can anyone in afsland mount and read my device?
Speaking as just a user... my first impression of this is that doing
that wouldn't expose the local drive to AFS-land. Rather, any machine
accessing /afs/.../scs/dev/hda3 would try to access the local device
with major number 8, minor 32 (or whatever you made it with, and however
the client interprets the block dev).
Exposing the block device to AFS-space I think would involve some more
AFS-specific or application-specific knowledge of what's going on.
Otherwise, how do you know which client has the device?
I'd expect other special files to have similar issues, though. You
wouldn't normally expect with a fifo or domain socket to be worried
about accesses from foreign networks.
--
Andrew Deason
adeason@sinenomine.net