[OpenAFS-devel] Re: [AFS3-std] Changing RXAFS_GetVolumeStatus
access check to support volume lock down
Harald Barth
haba@kth.se
Fri, 06 Jul 2012 15:16:08 +0200 (CEST)
From: Jeffrey Altman <jaltman@secure-endpoints.com>
Subject: Re: [OpenAFS-devel] Re: [AFS3-std] Changing RXAFS_GetVolumeStatus access check to support volume lock down
Date: Thu, 05 Jul 2012 18:48:26 -0400
> On 7/5/2012 1:23 PM, Jeffrey Hutzelman wrote:
>> I think it is fine to skip access control checks on this call entirely.
>> As you point out, the information available via this RPC is also
>> available to unauthenticated clients via the volserver.
>
> I have modified http://gerrit.openafs.org/#change,7705 to remove all
> access control checks. I was being conservative by changing the check
> to RXAFS_LOOKUP but I am in agreement that the check is not needed at all.
My cents after sleeping on it...
When there is another door open to access the building, it is not very
useful to check ID cards at the other.
If this would be "restricted information" then one would have to
(1) Close the unauthenticated method
(2) Figure out what WOULD BE a useful access restriction. I think
that (l) on the volume root is not good. The right access
restriction would IMHO be "open for any user that has (w) or (i)
in any directory of the volume". That check is a little more
tricky to implement but we don't need to think about it until (1)
is changed.
Harald.