Re: foreign fs security features (was Re: NCPFS overhaul)

David Todd (dtodd@bbn.com)
Sun, 05 Apr 1998 21:08:56 -0400

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Paul Wilkins: "Re: hardware"
Previous message: Peter Amstutz: "RAID question"
Maybe in reply to: Albert D. Cahalan: "foreign fs security features (was Re: NCPFS overhaul)"

> > The "per-user hidden file" concept is very important.
> > The UFS filesystem is going to need it for Digital Unix
> > filesystems with multi-level secure directories enabled.
> > Novell Netware support needs it. I'd guess most "Trusted *"
> > systems have the concept.
>
> Its actually something thats quite hard to do right because of the
> discovery by creation problem. That requires two people have different
> files with the same name. Then a third person who can see both comes
> along - what do they see. And more interestingly what the hell goes in
> the dcache :)
>
> [the discovery by creation problem]
>
>
> A directory fred exists you cannot see
>
> You do
>
> mkdir fred
>
> do you
>
> a) return -EEXIST revealing the invisible space
> b) create another fred
>
> if b) what does a user with rights to see both now have to watch.

The person who can see both should see the name as being fred.OWNER, or some
such marking. It wouldn't be an actual part of the name, just a computed
version of the name for this persons listing.

-- 
Hacksaw = David Charles Todd
GTE* = Hacksaw's Employer
Hacksaw's Opinions != GTE*'s Opinions
It's hard to (rec'' (e) ni'ze bee''ch)


-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu

Next message: Paul Wilkins: "Re: hardware"
Previous message: Peter Amstutz: "RAID question"
Maybe in reply to: Albert D. Cahalan: "foreign fs security features (was Re: NCPFS overhaul)"