--On Thursday, January 31, 2008 11:24:23 AM -0500 Derrick Brashear
<[EMAIL PROTECTED]> wrote:
The following small patch against OpenAFS 1.4.5 will allow users to to
change file ownership to another user with the chown command (System 5
chown semantics). The
reserved 'C' ACL entry (rlidwkaABCDEFGH) is used to control when this is
permitted (set
using the standard 'fs setacl' command).
Is this something of general use or is this going to cause issues for
people? Discussion?
There's some risk in allocating any of the uppercase ACL bits; we know some
of them have been used for various things in the past. I think it's time
we started thinking about how to safely extend the set of available bits
beyond 15 in a way that won't break interoperability with existing clients.
Your proposed patch also fails to implement an important part of SysV ACL
semantics, which is that changing the owner of a file causes its setuid bit
to be cleared. Without that behavior, this becomes a gaping security hole.
-- Jeff
_______________________________________________
OpenAFS-devel mailing list
[email protected]
https://lists.openafs.org/mailman/listinfo/openafs-devel
