[OpenAFS] anon FTP upload directory ACL
Derek Atkins
warlord@MIT.EDU
01 Jun 2002 17:15:10 -0400
Russ Allbery <rra@stanford.edu> writes:
> Note that you need to be sure to disable mkdir in your FTP server, since
> otherwise with i permission in the parent directory, the anonymous FTP
> user can create a subdirectory, which will then be owned by someone you
> don't want it to be owned by, and the Unix owner of the directory can then
> change the ACLs on that directory. Probably not *easy* to exploit, but
> I'd worry some about it.
Last I checked it was only the owner of the volume that had implicit
'a' access, not the owner of a directory. So I dont think there is
much of an exloit here.
-derek
PS: I concur with Russ that you need 'lwi' permissions. You do not
want 'r' permissions. 'l' implies "list/enter directory" whereas 'r'
implies "read files". There is no way to provide, in AFS, a way to
insert files into a directory without also allowing them to read the
directory listing (although not necessarily the stat() entries of the
files in the directory).
--
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available