[OpenAFS-devel] device nodes...

Nathan Neulinger nneul@umr.edu
Thu, 22 Feb 2001 09:09:42 -0600 

Very cool way of doing it... 

You're restricting mount point creation? How? Is that a local mod?

-- Nathan

Jeffrey Hutzelman wrote:
> 
> On 20 Feb 2001, Derek Atkins wrote:
> 
> > The major problem with device-nodes is that devices are extremely
> > system-dependent.  That doesn't mean that I'm against them; I've found
> > a number of times when having a device node in AFS would be extremely
> > useful (e.g. building a RedHat installer disk).  But I can easily see
> > the original argument and can usually find workarounds for the cases
> > where I find I want to use device nodes in AFS.
> 
> Yeah.  The problem here is that if you (an admin) create an innocuous
> device on one system, it may turn out to be dangerous on some other
> platform.  Also, having device support in the cache manager at all
> introduces the possibility for some nasty attacks where a user spoofs
> responses to his own requests in order to trick the cache manager into
> letting him access a device.
> 
> In order to come close to being safe, I would propose something like the
> following, if device nodes are to be supported at all...
> 
> Device nodes are represented in AFS as magic symlinks, in the same way
> as mount points.  No special tool or fileserver support is required to
> create and manipulate them, though some cells may wish to restrict who
> can create such links (as we do for mount points), and workstations may
> want to restrict which cells' devices can be used.
> 
> The target of a magic link is a _symbolic_ platform-independent name for
> the device to be referenced.  This name is looked up by the cache manager
> in a locally-maintained table to find the actual device type (block or
> char), device ID, and permissions.  The magic table is loaded at startup
> by afsd, and may be manipulated later using fs commands by a superuser.
> 
> With this design, a user may create or spoof a "device reference", but
> it can only refer to a device which has been explicitly configured by
> the workstation's administrator, and even then the permissions set by
> the admin will be enforced.
> 
> -- Jeff

-- 


------------------------------------------------------------
Nathan Neulinger                       EMail:  nneul@umr.edu
University of Missouri - Rolla         Phone: (573) 341-4841
CIS - Systems Programming                Fax: (573) 341-4216