Mailing List Archive

Re: PUBLIC CHALLENGE: (was RE: devfs again, (was RE: USB devicealloc
On 8 Oct 1999, david parsons wrote:
> In article <linux.kernel.Pine.GSO.4.10.9910080409500.10704-100000@weyl.math.psu.edu>,
> Alexander Viro <viro@math.psu.edu> wrote:
>
> >> You don't need ownership, except as root, on a filesystem to boot
> >> a Linux+devfs system. It might not resemble a ``standard'' Unix
> >> system, but one of the spiffy things about a Unix kernel is that
> >> it can be adapted to a wide variety of environment.
> >
> > Ho-hum... /tmp without sticky bit is an interesting animal,
>
> The sticky bit hasn't always been there, and when I was at university
> 20 years ago we had a bunch of machines running BSD 2.7 with /tmp
> being 777.
Umhm... Remember the fun with rm /tmp/12345.s; cp my_code.s /tmp/12345.s;
laugh watching as the sucker goes on with compile ending up with a trojan,
don't you?
> >not to
> >mention the nice stuff in /var (sparse files),
>
> What sparse files live in /var? The big spaceeaters in /var on my
> machines are X11, spool (==mail), and adm (==log), for the machines
> that don't spit syslog off to a logserver.
utmp on a serious multi-user system. lastlog.
> >/usr/bin (suid/sgid not to
> >root),
>
> Why not? /usr/bin survives swimmingly even if it's owned by root.
That is, you've done audit of pine, lpc, screen, wall, write, mail, xterm,
etc. installed SGID-root, right? Would you mind sharing it? Ditto for
suid-root man, if you please. Ditto for the method of storing s[u|g]id in
the first place (doable, but you'll have to screw around with the
attributes).
Hey, wait-a-bloody-minute... What about the ownership of $HOME? OK, you
can mount it with uid=... Ouch. Speak about the binary security model...
> plus fat takes a little less room than ext2fs on a floppy, so that
> plus devfs may be enough so I can shoehorn the bloated elephant that
> will be 2.6 onto my install floppy and still have enough room to fit
> the installer and pcmcia utilities.
BTW, do you realize that 2.0.28 is very likely to have racy FAT? The fix
I did for 2.2 will not fly - it seriously depends on dcache, so you'll
have to roll your own. And I don't envy you - it's messy work. Really. I
will not volunteer for _that_. Even with dcache it was PITA.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
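Added example, not part of the original thread: a small shell audit for the two conditions argued over in the message above, world-writable directories without the sticky bit (the /tmp case) and set-uid/set-gid files listed with their owners for review. The function names are hypothetical; only POSIX `find` and `ls` are used.

```shell
#!/bin/sh
# Added example: audit helpers with hypothetical names, POSIX find/ls only.

# Print directories under $1 that are world-writable but lack the sticky bit.
# In such a directory any local user can unlink or replace another user's
# file, which is the /tmp/12345.s swap described in the thread.
unsticky_world_writable() {
    find "$1" -xdev -type d -perm -0002 ! -perm -1000 -print 2>/dev/null
}

# Print regular files under $1 that carry set-uid or set-gid, in ls -l form,
# so mode, owner and group are visible for each file that needs review.
privileged_files() {
    find "$1" -xdev -type f \( -perm -4000 -o -perm -2000 \) \
        -exec ls -ld {} + 2>/dev/null
}

# When directories are given on the command line, report on each of them.
for dir in "$@"; do
    echo "== world-writable, no sticky bit, under $dir"
    unsticky_world_writable "$dir"
    echo "== set-uid / set-gid files under $dir"
    privileged_files "$dir"
done
```

Run it as, for example, `sh audit.sh /tmp /usr/bin`; `-xdev` keeps each scan on the filesystem it started on.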
Re: PUBLIC CHALLENGE: (was RE: devfs again, (was RE: USB devicealloc
> That is, you've done audit of pine, lpc, screen, wall, write, mail, xterm,
> etc. installed SGID-root, right? Would you mind sharing it? Ditto for
> suid-root man, if you please. Ditto for the method of storing s[u|g]id in
> the first place (doable, but you'll have to screw around with the
> attributes).
A lot of that work has already been done actually. With the utmper tool and
with glibc pty helpers screen and xterm are no longer required to be setuid
if set up that way. Pine can be run with IMAP access only and not setgid
root/mail.
Re: PUBLIC CHALLENGE: (was RE: devfs again, (was RE: USB devicealloc
On Sat, 9 Oct 1999, Alan Cox wrote:
> > That is, you've done audit of pine, lpc, screen, wall, write, mail, xterm,
> > etc. installed SGID-root, right? Would you mind sharing it? Ditto for
> > suid-root man, if you please. Ditto for the method of storing s[u|g]id in
> > the first place (doable, but you'll have to screw around with the
> > attributes).
>
> A lot of that work has already been done actually. With the utmper tool and
> with glibc pty helpers screen and xterm are no longer required to be setuid
> if set up that way. Pine can be run with IMAP access only and not setgid
> root/mail.
David had switched to glibc??? It's a sure sign that the end is near ;-)
Re: PUBLIC CHALLENGE: (was RE: devfs again, (was RE: USB devicealloc
In article <linux.kernel.Pine.GSO.4.10.9910090607360.14121-100000@weyl.math.psu.edu>,
Alexander Viro <viro@math.psu.edu> wrote:
>David had switched to glibc??? It's a sure sign that the end is near ;-)
Nope, I've got the sources for libc4, and I'm continuing to develop it.
____
david parsons \bi/ At least until I replace it with the BSD libc.
\/