Re: Adding entries to a directory

bug-hurd

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Adding entries to a directory

From:	olafBuddenhagen
Subject:	Re: Adding entries to a directory
Date:	Tue, 17 Nov 2009 20:55:38 +0100
User-agent:	Mutt/1.5.19 (2009-01-05)

Hi,

On Tue, Nov 17, 2009 at 01:15:59PM +0100, Carl Fredrik Hammar wrote:

> If run by any other user then it can only recreate the intersection of
> credentials between unionfs and the client.  This isn't ideal, but it
> does ensure that unionfs doesn't accidentally grant the client any new
> permissions by mistake.

Actually I think this is just right... Whenever a client accesses a
resource through a translator, it should be restricted not only by its
own access, but also the translator's access.

It is actually a problem that this policy is not followed whenever an
intermediate translator hands out a "real" port to another translator,
and the client reauthenticates it. (The so-called "firmlink problem".)

-antrik-

[Prev in Thread]

Current Thread

[Next in Thread]

Re: Adding entries to a directory, (continued)

Prev by Date: Re: website: background color in css
Next by Date: Re: [PATCH 2/3] Implement mountee startup.
Previous by thread: Re: Adding entries to a directory
Next by thread: Solving the firmlink problem with io_restrict_auth (was Re: Adding entries to a directory)
Index(es):
- Date
- Thread