[OpenAFS] File ownership/permissions semantics
Mon, 30 Oct 2006 19:12:10 -0500
It's a security hole to allow anyone with write access to gain
administrative priviledges just through "mkdir". In OpenAFS
you still have implicit "a" access given to the owner of a volume
(which is the owner of the root directory node of a volume).
I do not believe there is a compilation flag to revert to the old,
insecure transarc semantics.
Quoting Bill Stivers <email@example.com>:
> When we moved from Transarc AFS to OpenAFS default permissions
> semantics and behavior seem to have changed. When this took place,
> one of our other SAs here researched and found some references in
> Google to a permissions semantics change, but wasn't able to find any
> details. The problem in brief:
> On our Transarc servers, the creator/owner of a directory seems to
> have an implicit "a" permission to that directory, but on our OpenAFS
> servers, that doesn't seem to be the case. Some of our local
> scripts and procedures depend on that implicit "a" permission for
> security purposes.
> Did we miss a compile-time or configuration switch in either client,
> or server, or is this a more fundamental semantics change in the
> OpenAFS fileserver itself?
> Bill Stivers
> IC Unix Lab and Systems Administrator
> University of California at Santa Cruz
> v) 831-459-2472
> f) 831-459-2914
> OpenAFS-info mailing list
Derek Atkins, SB '93 MIT EE, SM '95 MIT Media Laboratory
Member, MIT Student Information Processing Board (SIPB)
URL: http://web.mit.edu/warlord/ PP-ASEL-IA N1NWH
warlord@MIT.EDU PGP key available