The previous poster mentioned 'Multi-Level Secure directories'... Was that
in reference to multilevel directories? The notion here being that from a
directory perspective, you can have multiple directories, each with the same
name, but differentiated by their mac's (i.e., what their clearance is)
For instance:
/home/user/.netscape (this is a good example, consequently) would be a
multidir.
If you were to launch a netscape at 'TS A', you would see a
'/home/user/.netscape' at that same level.
If you later were to launch netscape at 'TS B', you would see a
'/home/user/.netscape' at THAT same level.
The names are the same, contents *could* be different.
-----Original Message-----
From: owner-linux-kernel@vger.rutgers.edu
[mailto:owner-linux-kernel@vger.rutgers.edu] On Behalf Of Alan Cox
Sent: Sunday, April 05, 1998 6:40 PM
To: Albert D. Cahalan
Cc: linux-kernel@vger.rutgers.edu
Subject: Re: foreign fs security features (was Re: NCPFS overhaul)
> The "per-user hidden file" concept is very important.
> The UFS filesystem is going to need it for Digital Unix
> filesystems with multi-level secure directories enabled.
> Novell Netware support needs it. I'd guess most "Trusted *"
> systems have the concept.
Its actually something thats quite hard to do right because of the
discovery by creation problem. That requires two people have different
files with the same name. Then a third person who can see both comes
along - what do they see. And more interestingly what the hell goes in
the dcache :)
[the discovery by creation problem]
A directory fred exists you cannot see
You do
mkdir fred
do you
a) return -EEXIST revealing the invisible space
b) create another fred
if b) what does a user with rights to see both now have to watch.
Alan
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu