[248] in The Cryptographic File System users list
Re: multi user question
daemon@ATHENA.MIT.EDU (aaron)
Fri Oct 26 18:13:33 2001
From owner-cfs-users@crypto.com Fri Oct 26 22:13:33 2001
Return-Path: <owner-cfs-users@crypto.com>
Delivered-To: cfs-mtg@CHARON.mit.edu
Received: (qmail 21507 invoked from network); 26 Oct 2001 22:13:33 -0000
Received: from mx.crypto.com (207.140.168.138)
by charon.mit.edu with SMTP; 26 Oct 2001 22:13:33 -0000
Received: (from majordomo@localhost)
by MultiHostMXServer (8.9.3/8.9.x4) id SAA13860
for cfs-users-list; Fri, 26 Oct 2001 18:01:48 -0400 (EDT)
X-Authentication-Warning: mx.crypto.com: majordomo set sender to owner-cfs-users@crypto.com using -f
Received: from nsa.research.att.com (H-135-207-24-155.research.att.com [135.207.24.155])
by MultiHostMXServer (8.9.3/8.9.x4) with ESMTP id SAA31980
for <cfs-users@crypto.com>; Fri, 26 Oct 2001 18:01:46 -0400 (EDT)
Received: from mail-blue.research.att.com (mail-blue.research.att.com [135.207.30.102]) by nsa.research.att.com (8.7.3/8.7.3) with ESMTP id SAA16823 for <cfs-users@nsa.research.att.com>; Fri, 26 Oct 2001 18:01:45 -0400 (EDT)
Received: by mail-blue.research.att.com (Postfix)
id 4898E4CE20; Fri, 26 Oct 2001 18:01:46 -0400 (EDT)
Delivered-To: cfs-users@research.att.com
Received: from meta.lo-res.org (meta.lo-res.org [195.58.189.92])
by mail-blue.research.att.com (Postfix) with ESMTP id 824D34CE2E
for <cfs-users@research.att.com>; Fri, 26 Oct 2001 18:01:45 -0400 (EDT)
Received: from there ([194.24.158.17])
by meta.lo-res.org (8.11.6/8.11.6) with SMTP id f9QM2VI97670
for <cfs-users@research.att.com>; Sat, 27 Oct 2001 00:02:32 +0200 (CEST)
(envelope-from aaron@lo-res.org)
Message-Id: <200110262202.f9QM2VI97670@meta.lo-res.org>
Content-Type: text/plain;
charset="iso-8859-1"
X-KMail-Redirect-From: aaron <aaron@lo-res.org>
Subject: Re: multi user question
From: aaron <aaron@lo-res.org>(by way of aaron <aaron@lo-res.org>)
Date: Sat, 27 Oct 2001 00:01:36 +0200
To: cfs-users@research.att.com
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit
Sender: owner-cfs-users@crypto.com
Precedence: bulk
follow up from my previous post:
I finally read the paper. This is how CFS was designed.
stupid me, I should have read the well written paper first, sorry for asking
on the list.
aaron
> and here is the problem:
>
> # ls -alFg /usr/crypt
> total 1
> drwx------ 2 root wheel - 512 Oct 26 17:14 mail/
>
> i obviously cattached it as root. If I cattach it as another user, it will
> belong to that user but still have permissions 700.
>
> did I misunderstand something? Ah yes: version is cfs 1.4.0 beta2
>
>
> thanks again for your time, I really appreciate your help.
>
>
> aaron.
>
> > What is happening is that NFS is doing the usual 'root->nobody' mapping.
> >
> > *HOWEVER* - I have to recommend against this. Consider that usually,
> > the reason for using CFS is because you *dont* trust 'root'. If you do
> > this, you have basically *no* added security (consider that in a
> > multi-user system, that directory has to be attached 24x7 so mail can be
> > delivered).
> >
> > Also - you *really* need to allow the users write access to their
> > mailbox, as otherwise they can't remove already-read items (unless the
> > *idea* here is to *keep* them from deleting already-read mail?)
> >
> > And of course, the usual caveats apply here - encrypting the mailbox does
> > no real good unless you've *also* done a threat analysis on the *entire*
> > end-to-end mail process - is TLS or similar used to secure the SMTP
> > transaction? Are the MUAs fixed (or at least users educated) to prevent
> > them saving a sensitive mail as a world-readable file? And so on....
