9fans - fans of the OS Plan 9 from Bell Labs
From: "Russ Cox" <rsc@plan9.bell-labs.com>
To: 9fans@cse.psu.edu
Subject: Re: [9fans] Plan 9 (in)security
Date: Sat, 26 May 2001 20:52:06 -0400
Message-ID: <20010527005209.5BFFE199EC@mail.cse.psu.edu>

> I just wanted to bring attention to the fact that many if not all
> of the networkable 9p servers seem to be horrendously insecure,
> and since some of them will allow anonymous attach, any Plan 9
> server with exported filesystems is vulnerable to a sufficiently
> clever attacker.

I think you exaggerate here.  Most of the 9P servers
do no authentication whatsoever, but those aren't 
listening to the network.  Exportfs listens to the
network, and it requires authentication.  Most of
the file servers don't matter from a security point
of view, any more than cat matters.  Wiki also listens
to the network, but that was written with the 9P
library, which is more demanding of its input.
Further, the specific bug you mentioned (conv?2?)
is corrected in the interface for the new 9P protocol.

Russ

