[OpenAFS] File ownership/permissions semantics

Derek Atkins warlord@MIT.EDU
Mon, 30 Oct 2006 19:12:10 -0500

It's a security hole to allow anyone with write access to gain
administrative priviledges just through "mkdir".   In OpenAFS
you still have implicit "a" access given to the owner of a volume
(which is the owner of the root directory node of a volume).

I do not believe there is a compilation flag to revert to the old,
insecure transarc semantics.


Quoting Bill Stivers <stiversb@ucsc.edu>:

> When we moved from Transarc AFS to OpenAFS default permissions  
> semantics and behavior seem to have changed.  When this took place,  
> one of our other SAs here researched and found some references in  
> Google to a permissions semantics change, but wasn't able to find any 
>  details.  The problem in brief:
> On our Transarc servers, the creator/owner of a directory seems to  
> have an implicit "a" permission to that directory, but on our OpenAFS 
>  servers, that doesn't seem to be the case.  Some of our local 
> scripts  and procedures depend on that implicit "a" permission for 
> security  purposes.
> Did we miss a compile-time or configuration switch in either client,  
> or server, or is this a more fundamental semantics change in the  
> OpenAFS fileserver itself?
> ---
> Bill Stivers
> IC Unix Lab and Systems Administrator
> University of California at Santa Cruz
> stiversb@ucsc.edu
> v) 831-459-2472
> f) 831-459-2914
> _______________________________________________
> OpenAFS-info mailing list
> OpenAFS-info@openafs.org
> https://lists.openafs.org/mailman/listinfo/openafs-info

       Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
       Member, MIT Student Information Processing Board  (SIPB)
       URL: http://web.mit.edu/warlord/    PP-ASEL-IA     N1NWH
       warlord@MIT.EDU                        PGP key available