interesting feature on AMIX..

Lance Hartmann lance at mpd.tandem.com
Fri Jun 21 05:20:55 AEST 1991


In article <1991Jun20.165331.4604 at convex.com> swarren at convex.com (Steve Warren) writes:
>In article <1991Jun19.204906.19339 at dvorak.amd.com> tim at amd.com (Tim Olson) writes:
>>File systems should only be mountable by root.  Allowing a user to
>>mount a floppy would be a big security hole.
>
>[STUFF DELETED]
>Every inode would be scanned to make sure that nothing on the floppy violated
>the priviledges of the user.  If anything bogus showed up then the system
>would refuse to mount it....
>[REMAINDER DELETED]

Forgive my ignorance, but what do you mean by "scanning the inodes"?  Yes,
I know what an inode is, but I'm curious as to your procedure.  I guess
you could read the raw floppy device, check the super block, etc.
before mounting, but is there a EASY, KNOWN way for checking the stat's of the
raw contents?  For example, you'd certainly want to make sure that there
weren't ANY files with setuid/setgid bits set (particularly, root owned!).
I know that all the info would be there, but am wondering how easy/difficult
it would be to do this....


-- 
Lance G. Hartmann - cs.utexas.edu!devnull!lance (Internet)
-------------------------------------------------------------------------------
DISCLAIMER:  All opinions/actions expressed herein reflect those of my VERY OWN
and shall NOT bear any reflection upon Tandem or anyone else for that matter.



More information about the Comp.unix.amiga mailing list