On Thu, 31 Oct 2002, Stephen Wille Padnos wrote:
> >Then give them all the same account and be done with that. Effect will
> >be the same.
> >
> >
>
> Unless I'm missing something, that only works if all the users need
> *exactly* the same permissions to all files, which isn't a good assumption.
That's the point. In practice shared writable access to a directory can be
easily elevated to full control of each others' accounts, since most of
userland code is written in implicit assumption that nothing bad happens with
directory structure under it. And there is nothing kernel can do about that -
attacker does action you had explicitly allowed and your program goes bonkers
since it can't cope with that. Mechanism used to allow that action doesn't
enter the picture - be it ACLs, groups or something else.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Oct 31 2002 - 22:00:54 EST