Re: pre2.0.9 (was Re: CD-ROM Access Crashes)

Matthias Urlichs (smurf@smurf.noris.de)
Sat, 1 Jun 1996 09:10:04 +0100

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Herbert Rosmanith: "GA5486, can't reboot (2)"
Previous message: Linus Torvalds: "Re: SVGA kernel chipset drivers."

In linux.dev.kernel, article <25301.833577365@drax.isi.edu>,
Craig Milo Rogers <rogers@isi.edu> writes:
> >No, we actually _have_ to call readpage regardless of any old
> >error-status, because the error might go away (maybe the error was due to
> >protection problems with the previous user, but now we're another person
> >so..).
>
> I am confused by the statement above. Does it imply that its
> converse might be true: that a user might successfully access a page
> (read and cached by a prior user) that they would have been prevented
> from reading had readpage been called?
>
No.

Well, yes, actually, but only if you're root and first try the access as
a normal user. This is not a security hole because if the remote file is
owned by root, this wouldn't help you, and if it isn't, there's nobody to
prevent you from locally setuid()ing yourself to the file's owner in the
first place.

The NFS no-root-allowed feature really doesn't prevent accessing files as
root, it just makes root from A and B be a different user.

Unfortunately, Linux itself doesn't know anything about that, hence these
problems.

Effectively, thus, no. ;-)

-- Small Earthquake in Chile; Not Many Killed -- Healing suggested for The Times of London by Claud Cockburn

-- 
Matthias Urlichs

Next message: Herbert Rosmanith: "GA5486, can't reboot (2)"
Previous message: Linus Torvalds: "Re: SVGA kernel chipset drivers."