[OpenAFS] Re: [OpenAFS-devel] Re: [AFS3-std] Changing RXAFS_GetVolumeStatus access check to support volume lock down

Jeffrey Altman jaltman@your-file-system.com
Sun, 15 Jul 2012 12:55:21 -0400

This is an OpenPGP/MIME signed message (RFC 2440 and 3156)
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: quoted-printable

On 7/6/2012 9:16 AM, Harald Barth wrote:
> From: Jeffrey Altman <jaltman@secure-endpoints.com>
> Subject: Re: [OpenAFS-devel] Re: [AFS3-std] Changing RXAFS_GetVolumeSta=
tus access check to support volume lock down
> Date: Thu, 05 Jul 2012 18:48:26 -0400
>> On 7/5/2012 1:23 PM, Jeffrey Hutzelman wrote:
>>> I think it is fine to skip access control checks on this call entirel=
>>> As you point out, the information available via this RPC is also
>>> available to unauthenticated clients via the volserver.
>> I have modified http://gerrit.openafs.org/#change,7705 to remove all
>> access control checks.  I was being conservative by changing the check=

>> to RXAFS_LOOKUP but I am in agreement that the check is not needed at =
> My cents after sleeping on it...
> When there is another door open to access the building, it is not very
> useful to check ID cards at the other.

Based upon the few comments that were received, I'm going to go ahead
and approve http://gerrit.openafs.org/#change,7705 with the intention
that this change be incorporated in the 1.6.2 release.

> If this would be "restricted information" then one would have to
>  (1) Close the unauthenticated method
>  (2) Figure out what WOULD BE a useful access restriction. I think
>      that (l) on the volume root is not good. The right access
>      restriction would IMHO be "open for any user that has (w) or (i)
>      in any directory of the volume". That check is a little more
>      tricky to implement but we don't need to think about it until (1)
>      is changed.

I will start a new thread on openafs-devel to discuss the question of
viable authorization checks on the VL and VOL interfaces since at the
moment there is no authorization data to use to enforce such checks.

Jeffrey Altman

Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"

Version: GnuPG v1.4.9 (MingW32)