[OpenAFS] ACLs and open-afs

Friedrich Delgado Friedrichs 6delgado@informatik.uni-hamburg.de
Fri, 11 Oct 2002 19:11:00 +0200


--1yeeQ81UyVL57Vl7
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable

Hiho!

Brent Johnson schrieb:
>>I run the risk of having files like .Xauthority pop up, world
>>readable, opening a huge security hole.
> Just for my info, why is this a huge security hole?

Everybody who can read your .Xauthority file can connect to your
running X-Session (remote or local) which means that he can display
your desktop contents and observe every keystroke you type (i.e. log
your ssh/afs/Kerberos passwords) if the XFree Ports are open (TCP Port
6000 and above). Depending on how your X-Server and other involved
Software is configured, this opens your account to the whole wide
world (worst case) or at least (!) to anybody who can log on to your
machine.

Since xauth and some other software check if ~/.Xauthority is a
symlink in some cases, it is not as easily possible to use a symlink
pointing to e.g. ~/.restricted/.Xauthority or something.

On the other hand, i don't see a problem with having "system:anyuser
l" on $HOME and putting world readable files in $HOME/.readable
("system:anyuser" rl) and symlink them to the appropriate places.

Your $HOME should definitely *not* be world-readable in afs. There's
too much stuff in there that is intended to remain private.

Regards
	Friedel
--=20
	Friedrich Delgado Friedrichs <friedel@nomaden.org>
Laziness led to the invention of the most useful tools.

--1yeeQ81UyVL57Vl7
Content-Type: application/pgp-signature
Content-Disposition: inline

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.0 (GNU/Linux)

iEUEARECAAYFAj2nBiQACgkQCTmCEtF2zEBKWgCWKqd/sgzgMu2F5dB5Rt+Vffj7
kwCgq/4HFvsmMMutDST12XjqCXKnA3E=
=vgxp
-----END PGP SIGNATURE-----

--1yeeQ81UyVL57Vl7--