[1288] in linux-security and linux-alert archive

home help back first fref pref prev next nref lref last post

Re: [linux-security] Re: t bit and symlinks patch

daemon@ATHENA.MIT.EDU (Rogier Wolff)
Sun Nov 10 18:57:36 1996

To: linux-security@redhat.com
Date: Wed, 30 Oct 1996 15:11:43 +0100 (MET)
In-Reply-To: <199610291956.OAA10987@cais.cais.com> from "Joseph S. D. Yao" at Oct 29, 96 02:56:15 pm
From: R.E.Wolff@bitwizard.nl (Rogier Wolff)
Resent-From: linux-security@redhat.com
Reply-To: linux-security@redhat.com

Joseph S. D. Yao wrote:
> 
> >  > Another way would be to make context sensitive symlinks. (Anybody 
> >  > remember Domain-OS?). This would allow you to make /tmp a symlink to
> >  > $HOME/tmp . There are many more interesting uses of this feature...
> >  > Any volunteers? :-)
> > 
> > This sounds a lot more interesting. 
> > 
> > What context do they reference, though? Reading environment variables
> > out of user space sounds horrendous.
> 
> Domain-OS was a product of Apollo, which was bought by HP.  HP-UX has a
> special "process context" string space.  The process context includes
> the system name; the various types of systems, programs compiled for
> which will run on the current system; whether the system is a diskful
> ("localroot") or diskless ("remoteroot") system; and the string
> "default".  The context can be read by getcontext(2); there is no
> symmetrical setcontext(2) [as far as I can tell].  Such a call must be
> implemented to make the above proposal work.

Just thinking. How about a writable file in /proc (owned by the
euid of the process) Setting the HOME variable in the kernel context
would be

   echo "HOME=$HOME" > /proc/self/kcontext 

and examining would be as easy as:

   cat /proc/self/kcontext

I wouldn't want to follow HP's idea too closely. A "context dependent
symlink" would be much more powerful. 

(
   cd /etc/
   mkdir rc+
   mv rc.joe rc+/joe
   mv rc.mary rc+/mary
   mv rc.theresa rc+/theresa
   mv rc rc.old
   ln -s '/etc/rc+/$HOSTNAME' rc

would show what you'd have to do to do what HP does with their
CDFs. However we're much more general than what HP does....

Yes NFS would be hard to do right..... (on the other hand,
just letting the "readlink" return "$HOSTNAME" as a direct
string would require NO extra effort, and then allowing the
Linux-client to interpret whatever it gets is just exactly what
you'd want.......)

						Roger.


home help back first fref pref prev next nref lref last post