From: Stephen Frost <sfrost@snowman.net>
To: Alexander Viro <viro@math.psu.edu>
Cc: Stephen Wille Padnos <stephen.willepadnos@verizon.net>,
Dax Kelson <dax@gurulabs.com>, Chris Wedgwood <cw@f00f.org>,
Rik van Riel <riel@conectiva.com.br>,
Linus Torvalds <torvalds@transmeta.com>,
Rusty Russell <rusty@rustcorp.com.au>,
linux-kernel@vger.kernel.org
Subject: Re: What's left over.
Date: Thu, 31 Oct 2002 12:11:15 -0500 [thread overview]
Message-ID: <20021031171115.GT15886@ns> (raw)
In-Reply-To: <Pine.GSO.4.21.0210311126450.16688-100000@weyl.math.psu.edu>
[-- Attachment #1: Type: text/plain, Size: 1280 bytes --]
* Alexander Viro (viro@math.psu.edu) wrote:
> On Thu, 31 Oct 2002, Stephen Wille Padnos wrote:
> > Unless I'm missing something, that only works if all the users need
> > *exactly* the same permissions to all files, which isn't a good assumption.
>
> That's the point. In practice shared writable access to a directory can be
> easily elevated to full control of each others' accounts, since most of
> userland code is written in implicit assumption that nothing bad happens with
> directory structure under it. And there is nothing kernel can do about that -
> attacker does action you had explicitly allowed and your program goes bonkers
> since it can't cope with that. Mechanism used to allow that action doesn't
> enter the picture - be it ACLs, groups or something else.
So you're not really arguing against ACLs, you're complaining that
userspace is broken when there's shared write access. That's fine,
userspace should be fixed, inclusion of ACLs into the kernel shouldn't
be denied because of this. ACLs should be optional, of course, and if
you want them some really noisy warnings about the problems of shared
writeable area with current userspace tools. Of course, that same
warning should probably be included in 'groupadd'.
Stephen
[-- Attachment #2: Type: application/pgp-signature, Size: 189 bytes --]
next prev parent reply other threads:[~2002-10-31 17:05 UTC|newest]
Thread overview: 331+ messages / expand[flat|nested] mbox.gz Atom feed top
2002-10-31 2:07 What's left over Rusty Russell
2002-10-31 2:31 ` Linus Torvalds
2002-10-31 2:43 ` Alexander Viro
2002-10-31 16:36 ` Oliver Xymoron
2002-10-31 17:04 ` Stephen Frost
2002-10-31 17:38 ` Linus Torvalds
2002-10-31 18:00 ` Oliver Xymoron
2002-11-06 20:52 ` Florian Weimer
2002-10-31 22:57 ` Pavel Machek
2002-10-31 22:28 ` Xavier Bestel
2002-10-31 23:08 ` Pavel Machek
2002-11-01 9:55 ` Miquel van Smoorenburg
2002-10-31 3:00 ` Rusty Russell
2002-10-31 3:19 ` tridge
2002-10-31 6:21 ` Chris Wedgwood
2002-11-05 3:38 ` Andreas Gruenbacher
2002-10-31 3:22 ` Christoph Hellwig
2002-10-31 3:31 ` tridge
2002-10-31 10:15 ` Joe Thornber
2002-10-31 14:26 ` Jeff Garzik
2002-10-31 14:55 ` Alan Cox
2002-10-31 21:14 ` Rusty Russell
2002-11-01 8:20 ` Joe Thornber
2002-10-31 11:03 ` Geert Uytterhoeven
2002-10-31 21:17 ` James Simmons
2002-10-31 3:06 ` Rik van Riel
2002-10-31 3:19 ` Stephen Frost
2002-10-31 21:09 ` john stultz
2002-10-31 21:49 ` Werner Almesberger
2002-10-31 22:32 ` john stultz
2002-10-31 22:54 ` Werner Almesberger
2002-11-01 0:54 ` john stultz
2002-11-01 1:31 ` Werner Almesberger
2002-11-05 3:58 ` Andreas Gruenbacher
2002-10-31 6:22 ` Chris Wedgwood
2002-10-31 6:48 ` Dax Kelson
2002-10-31 6:56 ` Chris Wedgwood
2002-10-31 14:31 ` Jeff Garzik
2002-10-31 18:12 ` Chris Wedgwood
2002-10-31 18:49 ` Linus Torvalds
2002-10-31 19:43 ` Chris Wedgwood
2002-11-01 15:25 ` Linus Torvalds
2002-11-01 15:35 ` bert hubert
2002-11-01 15:50 ` Gerald Britton
2002-11-01 18:17 ` Matt Porter
2002-11-01 16:15 ` Michael Clark
2002-11-01 16:16 ` Erik Andersen
2002-11-01 20:43 ` romieu
2002-10-31 18:28 ` Nicholas Wourms
2002-10-31 18:58 ` Alexander Viro
2002-10-31 19:14 ` Nicholas Wourms
2002-10-31 19:20 ` Alan Cox
2002-10-31 19:17 ` Nicholas Wourms
2002-10-31 20:45 ` Jeff Garzik
2002-11-01 6:00 ` James Morris
2002-10-31 7:10 ` Alexander Viro
2002-10-31 7:21 ` Dax Kelson
2002-10-31 7:42 ` Alexander Viro
2002-10-31 16:24 ` Stephen Wille Padnos
2002-10-31 16:44 ` Alexander Viro
2002-10-31 17:11 ` Stephen Frost [this message]
2002-10-31 17:30 ` Alexander Viro
2002-10-31 17:39 ` Linus Torvalds
2002-10-31 17:36 ` Richard Gooch
2002-11-02 17:35 ` LA Walsh
2002-11-02 20:44 ` Chris Wedgwood
2002-10-31 22:53 ` Pavel Machek
2002-10-31 9:44 ` Lech Szychowski
2002-10-31 3:14 ` Karim Yaghmour
2002-10-31 16:00 ` LTT for inclusion into 2.5 bob
2002-10-31 16:19 ` Is your idea good? [was: Re: LTT for inclusion into 2.5] Larry McVoy
2002-10-31 16:38 ` Cort Dougan
2002-10-31 16:47 ` bob
2002-10-31 17:35 ` Karim Yaghmour
2002-10-31 3:21 ` What's left over Stephen Lord
2002-10-31 3:59 ` Andreas Dilger
2002-10-31 4:20 ` Patrick Finnegan
2002-10-31 4:25 ` Christoph Hellwig
2002-10-31 4:31 ` Patrick Finnegan
2002-10-31 5:13 ` Dax Kelson
2002-10-31 6:07 ` [PATCH] kexec for 2.5.45 Eric W. Biederman
2002-10-31 6:25 ` What's left over Matt D. Robinson
2002-10-31 15:46 ` Linus Torvalds
2002-10-31 17:10 ` Patrick Finnegan
2002-10-31 17:13 ` Michael Shuey
2002-10-31 19:04 ` Alan Cox
2002-10-31 19:42 ` Michael Shuey
2002-11-01 22:25 ` Pavel Machek
2002-11-02 13:30 ` Michael Shuey
2002-10-31 17:18 ` Matt D. Robinson
2002-10-31 17:25 ` Linus Torvalds
2002-10-31 17:54 ` Matt D. Robinson
2002-10-31 17:54 ` Linus Torvalds
2002-10-31 18:21 ` Patrick Finnegan
2002-10-31 18:31 ` John Alvord
2002-11-02 23:44 ` Horst von Brand
2002-11-03 1:14 ` Matt D. Robinson
2002-10-31 18:10 ` Chris Friesen
2002-10-31 18:22 ` Linus Torvalds
2002-10-31 20:59 ` Dave Anderson
2002-10-31 21:49 ` Oliver Xymoron
2002-11-01 1:25 ` [lkcd-devel] " Matt D. Robinson
2002-11-01 6:34 ` Bill Davidsen
2002-11-01 13:26 ` Alan Cox
2002-11-01 19:00 ` Joel Becker
2002-11-01 19:18 ` Linus Torvalds
2002-11-01 20:06 ` Steven King
2002-11-02 5:17 ` Bill Davidsen
2002-11-02 5:36 ` Zwane Mwaikambo
2002-11-03 14:08 ` Bill Davidsen
2002-11-02 15:29 ` Alan Cox
2002-11-03 1:24 ` [lkcd-general] " Matt D. Robinson
2002-11-03 1:49 ` Alan Cox
2002-11-03 9:34 ` [lkcd-devel] " Matt D. Robinson
2002-11-03 14:33 ` Bill Davidsen
2002-11-03 15:34 ` Bernd Eckenfels
2002-11-03 16:32 ` Alan Cox
2002-11-03 17:08 ` [lkcd-devel] " Matt D. Robinson
2002-11-05 18:07 ` Bill Davidsen
2002-11-03 3:10 ` Christoph Hellwig
2002-11-01 20:21 ` David Lang
2002-11-01 22:25 ` Werner Almesberger
2002-11-01 22:42 ` Karim Yaghmour
2002-11-01 22:54 ` Werner Almesberger
2002-11-01 23:10 ` Karim Yaghmour
2002-11-01 20:22 ` [lkcd-devel] " Matt D. Robinson
2002-11-02 13:02 ` Kai Henningsen
2002-11-01 20:37 ` Hugh Dickins
2002-11-02 18:23 ` Geert Uytterhoeven
2002-11-03 2:25 ` Horst von Brand
2002-11-04 16:18 ` Hugh Dickins
2002-11-03 13:48 ` Bill Davidsen
2002-11-03 14:26 ` yodaiken
2002-11-05 17:09 ` Bill Davidsen
2002-11-05 17:36 ` yodaiken
2002-11-04 2:44 ` [lkcd-general] " Jennie Haywood
2002-11-04 14:45 ` Henning P. Schmiedehausen
2002-11-04 15:29 ` Alan Cox
2002-11-04 15:27 ` Henning P. Schmiedehausen
2002-11-04 15:38 ` Patrick Finnegan
2002-11-04 16:51 ` Henning P. Schmiedehausen
2002-11-05 4:57 ` Werner Almesberger
2002-10-31 18:50 ` Alan Cox
2002-10-31 21:33 ` Rusty Russell
2002-11-01 1:19 ` [lkcd-devel] " Matt D. Robinson
2002-11-01 2:59 ` Rusty Russell
2002-10-31 18:15 ` Andrew Morton
2002-10-31 19:58 ` Bernhard Kaindl
2002-11-02 0:49 ` What's left over. - Dave's crash code supports a gdb interface for LKCD crash dumps Piet Delaney
2002-10-31 18:16 ` What's left over Oliver Xymoron
2002-10-31 18:26 ` Linus Torvalds
2002-10-31 18:49 ` Rik van Riel
2002-10-31 21:02 ` Jeff Garzik
2002-10-31 22:37 ` Werner Almesberger
2002-11-05 11:42 ` [lkcd-devel] " Suparna Bhattacharya
2002-11-05 18:00 ` Werner Almesberger
2002-11-05 18:36 ` Alan Cox
2002-11-05 19:19 ` Werner Almesberger
2002-11-05 20:10 ` Alan Cox
2002-11-05 23:25 ` Werner Almesberger
2002-11-06 0:21 ` Andy Pfiffer
2002-11-06 1:10 ` Werner Almesberger
2002-11-06 1:37 ` Alexander Viro
2002-11-06 2:05 ` Werner Almesberger
2002-11-07 6:04 ` Eric W. Biederman
2002-11-07 12:17 ` Werner Almesberger
2002-11-06 4:07 ` Eric W. Biederman
2002-11-06 4:47 ` Eric W. Biederman
2002-11-06 19:24 ` Rob Landley
2002-11-10 18:35 ` Pavel Machek
2002-11-06 2:48 ` Eric W. Biederman
2002-11-06 4:29 ` Eric W. Biederman
2002-11-06 6:25 ` Linus Torvalds
2002-11-06 6:38 ` Suparna Bhattacharya
2002-11-06 7:48 ` Eric W. Biederman
2002-11-06 9:11 ` Suparna Bhattacharya
2002-11-06 22:05 ` Michal Jaegermann
2002-11-06 16:13 ` Eric W. Biederman
2002-11-07 8:50 ` Eric W. Biederman
2002-11-07 15:44 ` Linus Torvalds
2002-11-09 23:05 ` Eric W. Biederman
2002-11-09 23:33 ` Linus Torvalds
2002-11-10 1:37 ` Eric W. Biederman
2002-11-10 2:12 ` Alan Cox
2002-11-10 2:16 ` Eric W. Biederman
2002-11-10 3:03 ` Werner Almesberger
2002-11-10 3:23 ` Eric W. Biederman
2002-11-10 14:30 ` Alan Cox
2002-11-10 16:56 ` Eric W. Biederman
2002-11-10 3:17 ` Linus Torvalds
2002-11-10 4:26 ` Eric W. Biederman
2002-11-10 18:07 ` Kexec 2.5.46-b6 Eric W. Biederman
2002-11-11 18:03 ` [lkcd-devel] Re: What's left over Eric W. Biederman
2002-11-11 18:15 ` Kexec for v2.5.47 Eric W. Biederman
2002-11-11 22:52 ` Kexec for v2.5.47 (test feedback) Andy Pfiffer
2002-11-12 7:22 ` Eric W. Biederman
2002-11-13 0:48 ` Andy Pfiffer
2002-11-13 4:16 ` Eric W. Biederman
2002-11-13 13:26 ` Kexec for v2.5.47-bk2 Eric W. Biederman
2002-11-15 9:24 ` Suparna Bhattacharya
2002-11-15 14:14 ` Eric W. Biederman
2002-11-15 14:37 ` Werner Almesberger
2002-11-20 9:44 ` Suparna Bhattacharya
2002-11-20 17:28 ` Eric W. Biederman
2002-11-18 0:07 ` [ANNOUNCE] kexec-tools-1.6 released Eric W. Biederman
2002-11-18 5:46 ` Eric W. Biederman
2002-11-18 8:53 ` [ANNOUNCE][CFT] kexec for v2.5.48 && kexec-tools-1.7 Eric W. Biederman
2002-11-19 1:10 ` [ANNOUNCE][CFT] kexec for v2.5.48 && kexec-tools-1.7 -- Success Story! Andy Pfiffer
2002-11-19 10:25 ` Eric W. Biederman
2002-11-19 17:21 ` Andy Pfiffer
2002-11-19 17:34 ` Eric W. Biederman
2002-11-19 18:17 ` Martin J. Bligh
2002-11-20 9:19 ` Eric W. Biederman
2002-11-19 19:29 ` Andy Pfiffer
2002-11-20 8:49 ` Suparna Bhattacharya
2002-11-20 9:17 ` Eric W. Biederman
2002-11-20 11:59 ` Suparna Bhattacharya
2002-11-20 15:05 ` Werner Almesberger
2002-11-20 16:48 ` Eric W. Biederman
2002-11-19 2:15 ` [ANNOUNCE][CFT] kexec for v2.5.48 && kexec-tools-1.7 Dave Hansen
2002-11-19 10:13 ` Eric W. Biederman
2002-11-19 15:28 ` Martin J. Bligh
2002-11-19 17:44 ` Eric W. Biederman
2002-11-19 16:24 ` Dave Hansen
2002-11-19 17:33 ` Linus Torvalds
2002-11-19 17:48 ` Eric W. Biederman
2002-11-19 17:54 ` Dave Jones
2002-11-19 17:42 ` Eric W. Biederman
2002-12-02 4:41 ` [ANNOUNCE] kexec-tools-1.8 Eric W. Biederman
2002-12-03 2:30 ` Dave Hansen
2002-12-03 7:35 ` Eric W. Biederman
2002-12-13 2:00 ` Dave Hansen
2002-12-02 15:54 ` Eric W. Biederman
2002-11-09 23:39 ` [lkcd-devel] Re: What's left over Randy.Dunlap
2002-11-10 2:58 ` Eric W. Biederman
2002-11-10 14:35 ` Alan Cox
2002-11-10 18:13 ` Eric W. Biederman
2002-11-10 1:31 ` Werner Almesberger
2002-11-10 3:10 ` Eric W. Biederman
2002-11-10 3:30 ` Werner Almesberger
2002-11-10 3:49 ` Eric W. Biederman
2002-11-10 3:49 ` Linus Torvalds
2002-11-10 2:08 ` Alan Cox
2002-11-10 2:18 ` Eric W. Biederman
2002-11-10 14:31 ` Alan Cox
2002-11-07 15:48 ` Linus Torvalds
2002-11-07 19:32 ` kexec (was: [lkcd-devel] Re: What's left over.) Andy Pfiffer
2002-11-07 22:13 ` Andy Pfiffer
2002-11-07 22:56 ` Werner Almesberger
2002-11-11 17:03 ` Bill Davidsen
[not found] ` <200211080536.31287.landley@trommello.org>
2002-11-11 17:58 ` Andy Pfiffer
2002-11-11 18:25 ` Eric W. Biederman
2002-11-08 18:01 ` [lkcd-devel] Re: What's left over Alan Cox
2002-11-09 21:21 ` Pavel Machek
2002-11-11 16:27 ` Eric W. Biederman
2002-11-01 1:35 ` Matt D. Robinson
2002-11-01 2:06 ` Jeff Garzik
2002-11-01 3:46 ` Matt D. Robinson
2002-11-01 4:45 ` Linus Torvalds
2002-11-01 4:57 ` Patrick Finnegan
2002-11-01 9:18 ` Henning P. Schmiedehausen
2002-11-01 14:55 ` Patrick Finnegan
2002-11-01 15:16 ` Alexander Viro
2002-11-01 15:27 ` Patrick Finnegan
2002-11-01 16:16 ` Patrick Finnegan
2002-11-01 16:32 ` Larry McVoy
2002-11-01 16:44 ` Linux without Linus was " Brian Jackson
2002-11-01 16:58 ` Paul Fulghum
2002-11-01 19:14 ` Shawn
2002-11-01 19:36 ` Shawn
2002-11-01 17:56 ` Nicolas Pitre
2002-11-01 18:23 ` Shane R. Stixrud
2002-11-01 19:18 ` John Alvord
2002-11-04 2:13 ` Rob Landley
2002-11-04 14:58 ` Patrick Finnegan
2002-11-04 12:59 ` Rob Landley
2002-11-01 15:32 ` Richard B. Johnson
2002-11-01 13:30 ` Alan Cox
2002-11-01 22:28 ` Rusty Russell
2002-11-01 6:27 ` Bill Davidsen
2002-11-01 6:36 ` Linus Torvalds
2002-11-01 7:00 ` [lkcd-devel] " Castor Fu
2002-11-01 8:23 ` Craig I. Hagan
2002-11-01 14:03 ` Patrick Finnegan
2002-11-02 4:57 ` Bill Davidsen
2002-11-01 13:28 ` Alan Cox
2002-11-02 5:00 ` Bill Davidsen
2002-11-02 15:30 ` Alan Cox
2002-11-02 18:55 ` Arnaldo Carvalho de Melo
2002-11-02 19:19 ` romieu
2002-11-02 19:21 ` Arnaldo Carvalho de Melo
2002-11-02 19:32 ` romieu
2002-11-02 19:42 ` Arnaldo Carvalho de Melo
2002-11-02 20:23 ` romieu
2002-11-02 20:31 ` Alan Cox
2002-11-02 20:12 ` Arnaldo Carvalho de Melo
2002-11-01 9:20 ` Henning P. Schmiedehausen
2002-11-01 13:29 ` Alan Cox
2002-10-31 22:20 ` Shawn
2002-10-31 23:14 ` [lkcd-general] " Bernhard Kaindl
2002-11-01 2:01 ` Matt D. Robinson
2002-11-02 10:36 ` Brad Hards
2002-11-02 19:28 ` [lkcd-devel] " Matt D. Robinson
2002-10-31 17:55 ` [lkcd-general] " Dave Craft
2002-10-31 18:45 ` Patrick Mochel
2002-10-31 19:16 ` Stephen Hemminger
2002-10-31 19:57 ` george anzinger
2002-10-31 20:48 ` Stephen Hemminger
2002-10-31 19:33 ` [lkcd-devel] " Castor Fu
2002-10-31 7:46 ` Ville Herva
2002-10-31 9:23 ` Geert Uytterhoeven
2002-10-31 9:39 ` Ville Herva
2002-10-31 10:16 ` Trever L. Adams
2002-10-31 18:08 ` Nicholas Wourms
2002-10-31 13:36 ` mbs
2002-10-31 14:21 ` Chris Friesen
2002-10-31 14:52 ` Suparna Bhattacharya
2002-10-31 16:37 ` Henning P. Schmiedehausen
2002-11-01 0:52 ` James Simmons
2002-11-01 10:24 ` What's left over. (Fbdev rewrite) Helge Hafting
2002-11-05 17:29 ` kexec (was: Re: What's left over.) Werner Almesberger
2002-11-05 18:10 ` Benjamin LaHaise
2002-11-05 19:06 ` Martin J. Bligh
-- strict thread matches above, loose matches on Subject: below --
2002-10-31 14:46 What's left over Richard J Moore
2002-10-31 15:47 ` Jamie Lokier
2002-10-31 14:56 Richard J Moore
2002-10-31 15:12 ` Lars Marowsky-Bree
2002-10-31 16:39 Dr. Greg Wettstein
[not found] <Pine.LNX.4.44.0210301823120.1396-100000@home.transmeta.com.suse.lists.linux.kernel>
[not found] ` <20021031030143.401DA2C150@lists.samba.org.suse.lists.linux.kernel>
2002-10-31 17:25 ` Andi Kleen
2002-11-01 1:08 ` Rusty Russell
2002-10-31 22:47 Perez-Gonzalez, Inaky
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20021031171115.GT15886@ns \
--to=sfrost@snowman.net \
--cc=cw@f00f.org \
--cc=dax@gurulabs.com \
--cc=linux-kernel@vger.kernel.org \
--cc=riel@conectiva.com.br \
--cc=rusty@rustcorp.com.au \
--cc=stephen.willepadnos@verizon.net \
--cc=torvalds@transmeta.com \
--cc=viro@math.psu.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox