[1288] in linux-security and linux-alert archive
Re: [linux-security] Re: t bit and symlinks patch
daemon@ATHENA.MIT.EDU (Rogier Wolff)
Sun Nov 10 18:57:36 1996
To: linux-security@redhat.com
Date: Wed, 30 Oct 1996 15:11:43 +0100 (MET)
In-Reply-To: <199610291956.OAA10987@cais.cais.com> from "Joseph S. D. Yao" at Oct 29, 96 02:56:15 pm
From: R.E.Wolff@bitwizard.nl (Rogier Wolff)
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com
Joseph S. D. Yao wrote:
>
> > > Another way would be to make context sensitive symlinks. (Anybody
> > > remember Domain-OS?). This would allow you to make /tmp a symlink to
> > > $HOME/tmp . There are many more interesting uses of this feature...
> > > Any volunteers? :-)
> >
> > This sounds a lot more interesting.
> >
> > What context do they reference, though? Reading environment variables
> > out of user space sounds horrendous.
>
> Domain-OS was a product of Apollo, which was bought by HP. HP-UX has a
> special "process context" string space. The process context includes
> the system name; the various types of systems, programs compiled for
> which will run on the current system; whether the system is a diskful
> ("localroot") or diskless ("remoteroot") system; and the string
> "default". The context can be read by getcontext(2); there is no
> symmetrical setcontext(2) [as far as I can tell]. Such a call must be
> implemented to make the above proposal work.
Just thinking. How about a writable file in /proc (owned by the
euid of the process) Setting the HOME variable in the kernel context
would be
echo "HOME=$HOME" > /proc/self/kcontext
and examining would be as easy as:
cat /proc/self/kcontext
I wouldn't want to follow HP's idea too closely. A "context dependent
symlink" would be much more powerful.
(
cd /etc/
mkdir rc+
mv rc.joe rc+/joe
mv rc.mary rc+/mary
mv rc.theresa rc+/theresa
mv rc rc.old
ln -s '/etc/rc+/$HOSTNAME' rc
would show what you'd have to do to do what HP does with their
CDFs. However we're much more general than what HP does....
Yes NFS would be hard to do right..... (on the other hand,
just letting the "readlink" return "$HOSTNAME" as a direct
string would require NO extra effort, and then allowing the
Linux-client to interpret whatever it gets is just exactly what
you'd want.......)
Roger.