Permissions

classic Classic list List threaded Threaded
2 messages Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Permissions

Leandro Franco
Hi guys....


I'm writing again with what I think is another silly question... but
since I'm unable to see where does it come from...


I'm controlling the security in a file system and a non-authorized
user can do something like:

[franco@ccdc adas]$ ls -la
total 76
drwxr-xr-x    7 franco   franco       4096 Jun 15 14:32 .
drwxr-xr-x   23 root     root         4096 Jul 13 08:22 ..
drwx------    2 franco   franco       4096 Jun 15 14:48 mount
drwx------    2 franco   franco       4096 Jun 15 14:48 source
[franco@ccdc adas]$ cd mount
[franco@ccdc mount]$ ls -la
ls: reading directory .: Permission denied
total 0

we are still able to do "cd mount".. even if after that the
permissions are denied...
normally it shouldnt be possible to go inside the directory.....

am I forgetting something obvious?... does it have something to do
with the new methods for the directories?


Thank You,

Leandro


-------------------------------------------------------
This SF.Net email is sponsored by the 'Do More With Dual!' webinar happening
July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual
core and dual graphics technology at this free one hour event hosted by HP,
AMD, and NVIDIA.  To register visit http://www.hp.com/go/dualwebinar
_______________________________________________
fuse-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/fuse-devel
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Permissions

Miklos Szeredi
> I'm writing again with what I think is another silly question... but
> since I'm unable to see where does it come from...
>
>
> I'm controlling the security in a file system and a non-authorized
> user can do something like:
>
> [franco@ccdc adas]$ ls -la
> total 76
> drwxr-xr-x    7 franco   franco       4096 Jun 15 14:32 .
> drwxr-xr-x   23 root     root         4096 Jul 13 08:22 ..
> drwx------    2 franco   franco       4096 Jun 15 14:48 mount
> drwx------    2 franco   franco       4096 Jun 15 14:48 source
> [franco@ccdc adas]$ cd mount
> [franco@ccdc mount]$ ls -la
> ls: reading directory .: Permission denied
> total 0
>
> we are still able to do "cd mount".. even if after that the
> permissions are denied...
> normally it shouldnt be possible to go inside the directory.....
>
> am I forgetting something obvious?... does it have something to do
> with the new methods for the directories?

No, it's my stupid ommision.

A "permission" method is really needed to be able to make this work.
It was left out, because most operations can check the permission
themselves, reducing the number of roundtrips between the kernel and
the filesystem.  However a couple of operations (access(), chdir())
won't necessarily trigger any userspace method.

I'll think about adding a permission method, without throwing away the
advantages of the current system.

Thanks,
Miklos


-------------------------------------------------------
This SF.Net email is sponsored by the 'Do More With Dual!' webinar happening
July 14 at 8am PDT/11am EDT. We invite you to explore the latest in dual
core and dual graphics technology at this free one hour event hosted by HP,
AMD, and NVIDIA.  To register visit http://www.hp.com/go/dualwebinar
_______________________________________________
fuse-devel mailing list
[hidden email]
https://lists.sourceforge.net/lists/listinfo/fuse-devel
Loading...