force mode (Was: RE: more thoughts on Samba permissions manipulat

Edward Jajko ejajko at corp.auspex.com
Fri Jun 18 19:49:38 GMT 1999


:)From branko.cibej at hermes.si Fri Jun 18 11:31:56 1999
:)Subject: Re: force mode (Was: RE: more thoughts on Samba permissions manipulat
:)>         *sigh*  indeed...  why can't PC software vendors get these kinds of
:)> things right?  I know they've been dealing with DOS for the past ten years,
:)> but even so...
:)
:)Actually, the correct fix for this particular Microsoftish misfeature is to
:)cache the permissions and ownership of deleted files for a few seconds, and
:)restore them if the same file is created again while the info in the cache is
:)still alive.

This sounds like a very nasty security hole - if one were to do this, you
should at least force a restriction to a nonprivileged account.

:)
:)Hmmm ... now that I think about it, caching the permissions isn't enough -- you
:)have to preserve hard links, i.e. the node number, too. Which means you have to
:)"logically" delete the file: put it in a table of invisible files, perhaps
:)rename it to, e.g., `.#deleted#<filename>', and delay the unlink. Should be
:)fairly easy to do in a VFS module, and the nice thing is that if you're allowed
:)to delete a file, you're also allowed to rename it (don't know about the sticky
:)bit semantics, though).

And this sounds like the biggest security hole yet ;)


