Re: Re: Re: [PATCH]: non-readable binaries - binfmt_misc 2.6.0-test4

From: insecure
Date: Thu Sep 04 2003 - 16:30:24 EST

Next message: William Lee Irwin III: "Re: Scaling noise"
Previous message: Richard B. Johnson: "Re: Driver Model 2 Proposal - Linux Kernel Performance v Usability"
In reply to: Zach, Yoav: "RE: Re: Re: [PATCH]: non-readable binaries - binfmt_misc 2.6.0-test4"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thursday 04 September 2003 09:53, Zach, Yoav wrote:
> > --- insecure <insecure@xxxxxxxxxx> wrote:
> > > If the binary resides on a NFS drive ( which
> > > is a very common practice )
> > > then the suid-wrapper solution will not work
> > > because root permissions
> > > are squashed on the remote drive.
> >
> > This is a NFS promlem. Do not work around it by
> > adding crap elsewhere.
> > NFS has to get a decent user auth/crypto features.
> > I did not try it yet, but NFSv4 will address that.
>
> This is not a workaround - it's a solution for systems
> that use the unix user identification mechanism.

In NFSv3 there is _no_ user identification mechanism.
ipaddr based /etc/exports does not count.
--
vda
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: William Lee Irwin III: "Re: Scaling noise"
Previous message: Richard B. Johnson: "Re: Driver Model 2 Proposal - Linux Kernel Performance v Usability"
In reply to: Zach, Yoav: "RE: Re: Re: [PATCH]: non-readable binaries - binfmt_misc 2.6.0-test4"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]