[9304] in Athena Bugs
bug in AFS protection checking
daemon@ATHENA.MIT.EDU (John Carr)
Sat May 9 17:09:39 1992
To: bugs@Athena.MIT.EDU, bug-afs@Athena.MIT.EDU
Date: Sat, 09 May 1992 16:47:35 EDT
From: John Carr <jfc@Athena.MIT.EDU>
The AFS kernel code seems to let a user stat directories that are
unreadable if they are already in the cache.
Here is an example (run on ajax). I had no tokens when I started.
$ ls -l
pmax_ul4 not found (Permission denied)
rs_aix31 not found (Permission denied)
rt_aos4 not found (Permission denied)
total 2
drwxrwxrwx 7 root 2048 May 7 14:26 vax_bsd43
$ pwd
/afs/rel-eng.athena.mit.edu/project/release/current/build
$ /bin/athena/aklog -path .
$ ls -l
total 8
drwxrwxrwx 7 root 2048 May 7 17:50 pmax_ul4
drwxrwxrwx 7 root 2048 May 9 13:40 rs_aix31
drwxrwxrwx 7 root 2048 May 7 21:15 rt_aos4
drwxrwxrwx 7 root 2048 May 7 14:26 vax_bsd43
$ fs la vax_bsd43 rt_aos4
Access list for vax_bsd43 is
Normal rights:
source:read rl
builder:build rlidwk
Access list for rt_aos4 is
Normal rights:
source:read rl
builder:build rlidwk
(The permissions are the same but I could read only one of the directories
without tokens.)
$ unlog
$ ls -l
total 8
drwxrwxrwx 7 root 2048 May 7 17:50 pmax_ul4
drwxrwxrwx 7 root 2048 May 9 13:40 rs_aix31
drwxrwxrwx 7 root 2048 May 7 21:15 rt_aos4
drwxrwxrwx 7 root 2048 May 7 14:26 vax_bsd43
$
(Now I can stat all directories without tokens.)
About 3 minutes later I ran:
$ ls *
pmax_ul4 not found (Permission denied)
rs_aix31 not found (Permission denied)
rt_aos4 not found (Permission denied)
vax_bsd43 unreadable
$ ls -l
pmax_ul4 not found (Permission denied)
rs_aix31 not found (Permission denied)
rt_aos4 not found (Permission denied)
total 2
drwxrwxrwx 7 root 2048 May 7 14:26 vax_bsd43
Things are now back as they were.
I assume vax_bsd43 was in cache when I started because of previous
builds on ajax.
