[OpenAFS-devel] Initial implementation of RestrictedQuery, please
comment (was: Re: Lockdown for VL and VOL RPC interfaces for
non-authenticated user)
D Brashear
shadow@gmail.com
Tue, 18 Mar 2014 08:02:13 -0400
--001a11347f907dbf5c04f4e04ec8
Content-Type: text/plain; charset=ISO-8859-1
> - would anything break if we wouldn't return the volume name when the
> GetVolumeByID is used if you're unauthenticated? Or if we would
> return an anonymized fake name, but still return the correct name
> when you're authenticated (or administrator?)? Is that OK with the
> IBM guys?
>
It's only VL_GetEntryByNameO, VL_GetEntryByNameN, and VL_GetEntryByNameU,
plus VL_GetAddrs/VL_GetAddrsU and VL_ProbeServer
which are called by the regular client (and the client performs those calls
without authentication) so strictly speaking nothing else needs
to be available unauth.
That said, there is libafscp, which uses VL_GetEntryByIDN/VL_GetEntryByID
but as libafscp is basically the single-user cache manager case
one could easily argue that authentication will typically be provided and
otherwise when it's not you don't care.
--
D
--001a11347f907dbf5c04f4e04ec8
Content-Type: text/html; charset=ISO-8859-1
Content-Transfer-Encoding: quoted-printable
<div dir=3D"ltr"><br><div class=3D"gmail_extra"><div class=3D"gmail_quote">=
<blockquote class=3D"gmail_quote" style=3D"margin:0px 0px 0px 0.8ex;border-=
left:1px solid rgb(204,204,204);padding-left:1ex">
=A0 - would anything break if we wouldn't return the volume name when t=
he<br>
=A0 =A0 GetVolumeByID is used if you're unauthenticated? =A0Or if we wo=
uld<br>
=A0 =A0 return an anonymized fake name, but still return the correct name<b=
r>
=A0 =A0 when you're authenticated (or administrator?)? =A0Is that OK wi=
th the<br>
=A0 =A0 IBM guys?<br></blockquote><div><br></div><div>It's only VL_GetE=
ntryByNameO, VL_GetEntryByNameN, and VL_GetEntryByNameU, plus VL_GetAddrs/V=
L_GetAddrsU and VL_ProbeServer<br></div><div>which are called by the regula=
r client (and the client performs those calls without authentication) so st=
rictly speaking nothing else needs<br>
to be available unauth.<br><br></div><div>That said, there is libafscp, whi=
ch uses VL_GetEntryByIDN/VL_GetEntryByID but as libafscp is basically the s=
ingle-user cache manager case <br></div><div>one could easily argue that au=
thentication will typically be provided and otherwise when it's not you=
don't care.<br>
</div></div><br clear=3D"all"><br>-- <br><div dir=3D"ltr">D</div>
</div></div>
--001a11347f907dbf5c04f4e04ec8--