Re: foreign fs security features (was Re: NCPFS overhaul)

Paul Rusty Russell (Paul.Russell@rustcorp.com.au)
Tue, 07 Apr 1998 13:32:56 +0930

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Gerard Roudier: "ncr53c8xx-2.6 feature freeze. Need testers."
Previous message: Jason Dillon: "RE: Best C++ and Java IDE?"
Maybe in reply to: Albert D. Cahalan: "foreign fs security features (was Re: NCPFS overhaul)"

In message <m0yLz1Q-000aOcC@the-village.bc.nu> you write:
> > The "per-user hidden file" concept is very important.
> > The UFS filesystem is going to need it for Digital Unix
> > filesystems with multi-level secure directories enabled.
> > Novell Netware support needs it. I'd guess most "Trusted *"
> > systems have the concept.
>
> Its actually something thats quite hard to do right because of the
> discovery by creation problem. That requires two people have different
> files with the same name. Then a third person who can see both comes
> along - what do they see. And more interestingly what the hell goes in
> the dcache :)

Consider them as separate mounts which happen to have the same mount
point. There exists no user who can see both of them. Then perhaps
offer access through /proc/<pid>/mounts, or allow root to mount
(somewhere else) the same point with a specific uid if that is really
desired. (mount -t hidefs -o fixeduid=100 /mnt/tmp-100). Add an
automounter to the mix and it could be quite nice.

Rusty.

-- .sig lost in the mail.

- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu

Next message: Gerard Roudier: "ncr53c8xx-2.6 feature freeze. Need testers."
Previous message: Jason Dillon: "RE: Best C++ and Java IDE?"
Maybe in reply to: Albert D. Cahalan: "foreign fs security features (was Re: NCPFS overhaul)"