Re: PUBLIC CHALLENGE: (was RE: devfs again, (was RE: USB devicealloc

Alexander Viro (viro@math.psu.edu)
Sat, 9 Oct 1999 02:52:18 -0400 (EDT)


On 8 Oct 1999, david parsons wrote:

> In article <linux.kernel.Pine.GSO.4.10.9910080409500.10704-100000@weyl.math.psu.edu>,
> Alexander Viro <viro@math.psu.edu> wrote:
>
> >> You don't need ownership, except as root, on a filesystem to boot
> >> a Linux+devfs system. It might not resemble a ``standard'' Unix
> >> system, but one of the spiffy things about a Unix kernel is that
> >> it can be adapted to a wide variety of environment.
> >
> > Ho-hum... /tmp without sticky bit is an interesting animal,
>
> The sticky bit hasn't always been there, and when I was at university
> 20 years ago we had a bunch of machines running BSD 2.7 with /tmp
> being 777.

Umhm... Remember the fun with rm /tmp/12345.s; cp my_code.s /tmp/12345.s;
laugh watching as the sucker goes on with compile ending up with a troyan,
don't you?

> >not to
> >mention the nice stuff in /var (sparse files),
>
> What sparse files live in /var? The big spaceeaters in /var on my
> machines are X11, spool (==mail), and adm (==log), for the machines
> that don't spit syslog off to a logserver.

utmp on a serious multi-user system. lastlog.

> >/usr/bin (suid/sgid not to
> >root),
>
> Why not? /usr/bin survives swimmingly even if it's owned by root.

That is, you've done audit of pine, lpc, screen, wall, write, mail, xterm,
etc. installed SGID-root, right? Would you mind sharing it? Ditto for
suid-root man, if you please. Ditto for the method of storing s[u|g]id in
the first place (doable, but you'll have to screw around with the
attributes).

Hey, wait-a-bloody-minute... What about the ownership of $HOME? OK, you
can mount it with uid=... Ouch. Speak about the binary security model...

> plus fat takes a little less room than ext2fs on a floppy, so that
> plus devfs may be enough so I can shoehorn the bloated elephant that
> will be 2.6 onto my install floppy and still have enough room to fit
> the installer and pcmcia utilities.

BTW, do you realize that 2.0.28 is very likely to have racey FAT? The fix
I did for 2.2 will not fly - it seriously depends on dcache, so you'll
have to roll your own. And I don't envy you - it's a messy work. Really. I
will not volunteer for _that_. Even with dcache it was PITA.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/