[OpenAFS] Access rights on openafs

Brandon S. Allbery KF8NH allbery@ece.cmu.edu
13 Jun 2003 04:52:02 -0400


On Fri, 2003-06-13 at 02:46, Christophe BERNARD wrote:
> Doc says: "If the first w mode bit is not set, no one (including the 
> owner) can modify the file. "
> 
> Not true: I chmod'ed 400 a file, and both the owner and another user
> (having afs "write" access to the directory) could change it with vim
> (because renaming and deleting are still allowed for both I guess).
> 
> Is this normal openafs behaviour, or am I missing something?

It's normal.  Local Unix filesystems allow the same thing if the
directory has write access but the file does not; nothing stops a
program from simply deleting and recreating the file.  (Command line
utilities like "rm" and "mv" --- in particular the GNU versions ---
generally test the file's mode bits first and ask for confirmation, but
if you use the -f option they will silently allow the operation.)

If you don't want to allow this, you need to disallow "d" and/or "i"
access on the directory (corresponding to local Unix filesystem behavior
if you disallow "w" on the directory).

(later)
> Did somebody else notice such behaviour? May this indicate a security hole 
> related to caching in openafs?

I believe there are known issues with cached accesses, but I don't know
if this is one of them.

-- 
brandon s allbery [openafs/solaris/japh/freebsd] allbery@kf8nh.apk.net
system administrator [linux/heimdal/too many hats] allbery@ece.cmu.edu
electrical and computer engineering                              KF8NH
carnegie mellon university  [better check the oblivious first -ke6sls]
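The local-filesystem side of the point made in the reply above, as an added example that is not part of the original thread: a file chmod'ed 0400 in a writable directory can still be replaced by an editor-style rename or by delete-and-recreate, because those operations are checked against the directory, not the file; removing "w" on the directory (the local counterpart of dropping AFS "d" and "i") is what blocks them. The probe function, its argument names and the scratch directory layout are this example's own; nothing here touches AFS.

```shell
#!/bin/sh
# Added example, not from the original thread. Shows on a local Unix
# filesystem that a file's own mode bits (0400) do not stop an editor-style
# rename or a delete-and-recreate when the directory grants "w", and that
# removing "w" on the directory is what actually blocks them.
#
# probe TECHNIQUE DIRMODE
#   TECHNIQUE: direct | rename | delete
#   DIRMODE:   writable | readonly      (mode of the containing directory)
# Prints "modified" if the file's content was changed, "blocked" otherwise.
# Each call builds and removes its own scratch directory via mktemp -d.
probe() {
    d=$(mktemp -d "${TMPDIR:-/tmp}/aclprobe.XXXXXX") || return 1
    printf 'original\n' > "$d/secret"
    chmod 400 "$d/secret"                      # owner read-only, like the poster's file
    if [ "$2" = readonly ]; then
        chmod u-w "$d"                         # local analogue of removing AFS "d"/"i"
    fi

    # Each attempt runs in a subshell so a refused open or rename only
    # yields a non-zero status; "|| true" keeps set -e callers from exiting.
    case $1 in
        direct)
            # Open the file itself for writing: the file's mode bits apply.
            ( printf 'changed\n' > "$d/secret" ) 2>/dev/null || true ;;
        rename)
            # What an editor with backup/rename semantics does: write a new
            # file, then rename it over the old name. Only directory "w" matters.
            ( printf 'changed\n' > "$d/secret.new" &&
              mv -f "$d/secret.new" "$d/secret" ) 2>/dev/null || true ;;
        delete)
            # rm -f skips the mode-bit confirmation; the name is then recreated.
            ( rm -f "$d/secret" && printf 'changed\n' > "$d/secret" ) 2>/dev/null || true ;;
    esac

    # Judge by content, not exit status, so the result is what a user would see.
    if [ "$(cat "$d/secret" 2>/dev/null)" = changed ]; then
        result=modified
    else
        result=blocked
    fi

    chmod u+w "$d" 2>/dev/null                 # undo the readonly case before cleanup
    rm -rf "$d"
    echo "$result"
}

# Print all six combinations (three techniques, two directory modes).
demo() {
    for t in direct rename delete; do
        for m in writable readonly; do
            printf '%-6s write to 0400 file in %-8s dir: %s\n' "$t" "$m" "$(probe "$t" "$m")"
        done
    done
}
demo
```

Run it as an unprivileged user: root bypasses the mode-bit checks and every probe reports "modified", which is itself a reminder that these bits are discretionary. Expected for a normal user: "direct" is blocked in both directory modes, "rename" and "delete" succeed in the writable directory and are blocked once the directory loses "w". The AFS counterpart of the readonly column is a directory ACL without "d" and "i" (for example `fs setacl <dir> <user> rl` in place of the "write" shorthand rlidwk), since on AFS the directory ACL, not the file's mode bits, governs unlink, rename and create; that `fs setacl` usage is stated from the AFS tool set, not from the thread.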