From: G. David Butler gdb@dbSystems.com
Subject: [9fans] Plan9 permissions
Date: Mon, 15 Sep 1997 09:38:50 -0500 [thread overview]
Message-ID: <19970915143850.Wa4MgsL-Xr7wdf-834KjJN0licGsxDFHM_fpLL_cYHM@z> (raw)
From: rsc@plan9.bell-labs.com
> I think the paragraph should read:
>
> "When the owner attempts to do something to a file, the owner
> permissions are consulted only, and if they grant the requested
> permission, the operation is allowed. For someone who is not the
> owner, but is a member of the files's group, only the group
> permissions are consulted. The other permissions are only used
> if the requestor is not the owner or a member of the file's group."
>
>but then it wouldn't be true.
You could have assumed the following:
int
iaccess(File *f, Dentry *d, int m)
{
/*
* various forms of superuser
*/
if(writeallow)
return 0;
if(wstatallow && d->mode & DDIR)
return 0;
if(duallow && duallow == f->uid &&
d->mode & DDIR && (m == DREAD || m == DEXEC))
return 0;
/*
* owner is next
*/
if(f->uid == d->uid) {
if(m << 6 & d->mode)
return 0;
else
return 1;
}
/*
* group membership is hard
*/
if(ingroup(f->uid, d->gid)) {
if(m << 3 & d->mode)
return 0;
else
return 1;
}
/*
* other is easiest
*/
if(m & d->mode)
return 0;
else
return 1;
}
Take for example the incoming directory for anonymous ftp,
/usr/none/incoming.
My way it can be:
d--wxrwxr-x M X none none
Your way it has to be:
d--wx-wx-wx M X none none (you have to change perms to see contents)
or
d--wxrwx-wx M X none sys (or something not none)
>it is silly to honor permissions that are not
>monotonically nonincreasing (octal digitwise)
>from owner to everyone.
Huh?
>if you are the owner and the permissions are
>something like 466, then you can just change them
>with chmod. if you are in the group and the
>permissions are something like 446 or 646, then
>you can just become none (echo -n none >/dev/user)
>and then you have permission again.
So, you are the owner.
>look at /sys/src/fs/port/sub.c:/^iaccess
>on the cd.
Things Change.
next reply other threads:[~1997-09-15 14:38 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
1997-09-15 14:38 G.David [this message]
-- strict thread matches above, loose matches on Subject: below --
1997-09-15 19:33 G.David
1997-09-15 17:59 rsc
1997-09-15 15:18 G.David
1997-09-15 15:15 Lucio
1997-09-15 14:26 rsc
1997-09-15 14:22 Lucio
1997-09-15 13:52 rsc
1997-09-15 13:28 G.David
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=19970915143850.Wa4MgsL-Xr7wdf-834KjJN0licGsxDFHM_fpLL_cYHM@z \
--to=9fans@9fans.net \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).