The "per-user hidden file" concept is very important.
The UFS filesystem is going to need it for Digital Unix
filesystems with multi-level secure directories enabled.
Novell Netware support needs it. I'd guess most "Trusted *"
systems have the concept.
Digital Unix puts security information inside the directory.
From what I can tell, older versions of the OS should be able
to mount such filesystems read-only. Security info goes after
the filename. I think it was 16 bytes.
> And if we are talking about per-user mounts, there is NUC protocol
> (undocumented) which allows full access to Netware volumes from Unix
> (with user IDs, devices, links, symlinks). If someone is interested
> in reverse engineering, it is NCP 0x5F :-) (Keep UnixWare handy).
If you can fit into one of these categories:
(1) NONCOMMERCIAL EDUCATIONAL PURPOSES
(2) NONCOMMERCIAL PERSONAL HOME USE (SUCH AS PERSONAL WEBSITE AND BBS)
you can get UnixWare for the cost of media.
http://www.sco.com/offers/license_products.html
Another interesting thing about Netware: directory traversal can
grant special rights. For example, the Supervisory right on /usr
would give you root-like power over /usr/local/bin even if you were
excluded from /usr/local.
The SMB protocol and NTFS are interesting too. I think security in the
kernel itself was done rather well -- too bad the default NT install
leaves the system wide open! At least the core is not rotten.
Access is specified with a 32-bit mask containing the following bits:
    16  DELETE           delete
    17  READ_CONTROL     read the owner, group, and ACL
    18  WRITE_DAC        write the ACL
    19  WRITE_OWNER      write the owner (take ownership?)
    29  GENERIC_EXECUTE  gets mapped to specific rights
    30  GENERIC_WRITE    gets mapped to specific rights
    31  GENERIC_READ     gets mapped to specific rights
Those last 3 are special. The OS maps them to object-specific
rights (bits 0 .. 15) as needed. For example, bit 2 can mean:
    create sub-key (registry)
    append data (normal file)
    add sub-dir (directory)
    create pipe instance (named pipe)
Normal apps don't worry about object-specific rights. This kind of
system seems to make it easy for the OS to emulate foreign security
systems. I think NT has this system so that it can simultaneously
meet POSIX requirements and act (almost?) like Netware. Since Linux
supports so many foreign filesystems, it might be a good idea to
operate like this.
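
The generic-to-specific translation described in the message, as an added example that is not part of the original post: one requested mask is mapped through two per-object-type tables, so the same GENERIC_WRITE bit ends up meaning "append data" on a file and "create sub-key" on a registry key. The struct and function names are hypothetical; the table values are the FILE_GENERIC_* and KEY_* constants from the Windows SDK header winnt.h, which also set some standard-rights bits above bit 15, and GENERIC_ALL is left out.

```c
#include <stdint.h>
#include <stdio.h>

/* Bit positions as listed in the message. */
#define READ_CONTROL     (1u << 17)
#define GENERIC_EXECUTE  (1u << 29)
#define GENERIC_WRITE    (1u << 30)
#define GENERIC_READ     (1u << 31)
#define GENERIC_BITS     (GENERIC_READ | GENERIC_WRITE | GENERIC_EXECUTE)

/* Per-object-type translation table (hypothetical name, shaped like
 * the Win32 GENERIC_MAPPING structure). */
struct generic_map { const char *type; uint32_t read, write, execute; };

/* FILE_GENERIC_READ/WRITE/EXECUTE and KEY_READ/WRITE/EXECUTE (winnt.h). */
static const struct generic_map FILE_MAP =
    { "file",         0x00120089u, 0x00120116u, 0x001200A0u };
static const struct generic_map KEY_MAP =
    { "registry key", 0x00020019u, 0x00020006u, 0x00020019u };

/* Replace each generic bit with that object type's specific rights. */
uint32_t map_generic(uint32_t mask, const struct generic_map *m)
{
    if (mask & GENERIC_READ)    mask |= m->read;
    if (mask & GENERIC_WRITE)   mask |= m->write;
    if (mask & GENERIC_EXECUTE) mask |= m->execute;
    return mask & ~GENERIC_BITS;
}

/* Simplified check against a single granted mask: after mapping both
 * sides, every requested bit must be present in the grant. */
int access_allowed(uint32_t requested, uint32_t granted,
                   const struct generic_map *m)
{
    return (map_generic(requested, m) & ~map_generic(granted, m)) == 0;
}

int main(void)
{
    uint32_t req = GENERIC_WRITE | READ_CONTROL; /* constructed sample */
    const struct generic_map *maps[] = { &FILE_MAP, &KEY_MAP };
    for (int i = 0; i < 2; i++) {
        uint32_t specific = map_generic(req, maps[i]);
        printf("%-12s 0x%08x  bit 2 set: %s\n", maps[i]->type,
               (unsigned)specific, (specific & (1u << 2)) ? "yes" : "no");
    }
    return 0;
}
```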