Re: UID/GID mapping system

public inbox for linux-kernel@vger.kernel.org
 help / color / mirror / Atom feed

From: "Søren Hansen" <sh@warma.dk>
To: Jesse Pollard <jesse@cats-chateau.net>
Cc: linux-kernel@vger.kernel.org
Subject: Re: UID/GID mapping system
Date: Thu, 11 Mar 2004 15:39:10 +0100	[thread overview]
Message-ID: <1079015949.1576.106.camel@quaoar> (raw)
In-Reply-To: <04031108183602.05054@tabby>

tor, 2004-03-11 kl. 15:18 skrev Jesse Pollard:
> >> I should have said "designed to handle it" in a future expansion. I was
> >> wrong in making 64 bits as important as it looks.
> > I'm not talking about the 64 bits uid's and gid's. I'm talking about the
> > mapping system having to handle users' group memberships. Why would it
> > have to do that?
> NFS v2/3 have a limit of gids that can be passed. I know on v2 it is limited
> to 16. If the group that is permitted access is not in that list, then file
> access will fail, even though the user IS supposed to have access. The list
> of groups that is allowed is only the first 16 of a potentially very large
> list.

This is NOT the responsibility of the mapping system! I'm not
implementing a new network file system. All I do, is supply a system
that tells the client that what the server refers to as gid 26 is gid
523 locally. Who is a member and who is not is irrelevant!

> > Yes. I know. This is not the problem i was trying to fix. This
> > discussion is going nowhere.
> > If I redesigned the way house doors worked, you'd be moaning about the
> > fact that the TV inside the house might be broken or stolen by someone
> > who enters the house. That's true. It might very well be. The only way
> > to secure it is to give your key to noone. The second you give you key
> > to someone else, you're basically fscked. And of course I know this is a
> > problem. It's a huge problem. I hope someone will fix it some day. It is
> > not, however, what I'm trying to do here.
> Then you don't understand the problem yet.

That's funny. I thought it was the privilege of the designer to decide
what he has tried to design. When did this change?

I'll repeat it just one more time:
Imagine two systems with all the same users on them. The users however
have different uid's on the two systems. This fscks up the ownerships. I
fix this by translating the uid's before they hit the wire. Well,
actually before they hit the nfs layer. Behold! All is well, and all
users have access to their own files.

> Just because UIDs don't show up properly on the client is no reason to
> map them in an insecure manner.

Let's just for a second assume that I'm the slow one here. Why is the
world a less secure place after this system is incorporated into the
kernel?

> And it has nothing to do with house doors or TV sets.

Really? Dang, I need rewrite the entire thing now! (I BTW still reserve
the right to be sarcastic and to make other good analogies).

-- 
Salu2, Søren.

next prev parent reply	other threads:[~2004-03-11 14:39 UTC|newest]

Thread overview: 32+ messages / expand[flat|nested]  mbox.gz  Atom feed  top
2004-03-08 19:45 UID/GID mapping system Søren Hansen
2004-03-09 16:46 ` Jesse Pollard
2004-03-09 19:28   ` Søren Hansen
2004-03-10 15:28     ` Jesse Pollard
2004-03-10 17:58       ` Søren Hansen
2004-03-10 21:41         ` Jesse Pollard
2004-03-10 22:45           ` Trond Myklebust
2004-03-11  8:29             ` Søren Hansen
2004-03-11 14:31               ` Jesse Pollard
2004-03-11 14:45                 ` Søren Hansen
2004-03-11 15:58               ` J. Bruce Fields
2004-03-11 19:41               ` Trond Myklebust
2004-03-12  8:41                 ` Søren Hansen
2004-03-11 14:10             ` Jesse Pollard
2004-03-10 23:46           ` Andreas Dilger
2004-03-11 14:08             ` Jesse Pollard
2004-03-11 16:02               ` J. Bruce Fields
2004-03-12 13:58                 ` Jesse Pollard
2004-03-12 20:08                   ` J. Bruce Fields
2004-03-15 17:17                     ` Jesse Pollard
2004-03-15 17:49               ` Andreas Dilger
     [not found]             ` <fa.ct61k6d.bm43gj@ifi.uio.no>
2004-03-11 19:40               ` Kevin Buhr
2004-03-11 23:10                 ` Jamie Lokier
2004-03-12 14:49                 ` Pavel Machek
2004-03-11  8:22           ` Søren Hansen
2004-03-11 14:18             ` Jesse Pollard
2004-03-11 14:39               ` Søren Hansen [this message]
2004-03-12 13:52                 ` Jesse Pollard
2004-03-12 15:00                   ` Søren Hansen
2004-03-15 17:05                     ` Jesse Pollard
2004-03-16  8:08                       ` Søren Hansen
2004-03-09 19:28   ` Søren Hansen

Reply instructions:

You may reply publicly to this message via plain-text email
using any one of the following methods:

* Save the following mbox file, import it into your mail client,
  and reply-to-all from there: mbox

  Avoid top-posting and favor interleaved quoting:
  https://en.wikipedia.org/wiki/Posting_style#Interleaved_style

* Reply using the --to, --cc, and --in-reply-to
  switches of git-send-email(1):

  git send-email \
    --in-reply-to=1079015949.1576.106.camel@quaoar \
    --to=sh@warma.dk \
    --cc=jesse@cats-chateau.net \
    --cc=linux-kernel@vger.kernel.org \
    /path/to/YOUR_REPLY

  https://kernel.org/pub/software/scm/git/docs/git-send-email.html

* If your mail client supports setting the In-Reply-To header
  via mailto: links, try the mailto: link

Be sure your reply has a Subject: header at the top and a blank line before the message body.

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox