On 06/16/00 09:51:34 -0400 Lyle Seaman <[EMAIL PROTECTED]> wrote:
+-----
| However, the file *server* considers the subdirectory to be fair game
| if someone magics up the right RPC and fetches the directory (which
| probably wouldn't be all that hard). So you can't build a layout like
| that and expect the subdirectories to be private, either...
+--->8
Well, yeah, but the same is true of Unix. See fchdir() on systems which
support it; and programs such as MMDF have tended to use "jail" directories
to prevent non-root external access to directories which it chdir's to
itself as root, then launches a program under another uid with that current
directory. (Some Unix variants also have a chdir() variant which takes a
(dev,ino) pair as argument, which is essentially the same as the AFS RPC in
question.)
--
brandon s. allbery [os/2][linux][solaris][japh] [EMAIL PROTECTED]
system administrator [WAY too many hats] [EMAIL PROTECTED]
electrical & computer engineering KF8NH
carnegie mellon university ["better check the oblivious first" -ke6sls]
