From mboxrd@z Thu Jan  1 00:00:00 1970
Date: Fri, 17 Dec 2004 13:41:09 +0000
From: Derek Fawcus <dfawcus@cisco.com>
To: Fans of the OS Plan 9 from Bell Labs <9fans@cse.psu.edu>
Subject: Re: [9fans] Acme mailreader - now: User mode filesystems in linux
Message-ID: <20041217134109.N17074@edinburgh.cisco.com>
References: <3e1162e6041216070874f424e5@mail.gmail.com>
	<9ccf822edf0a9a77c141ae47312638dd@collyer.net>
	<20041217102526.0b64d965.martin_ml@parvat.com>
	<20041217152456.3f377069.martin_ml@parvat.com>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
In-Reply-To: <20041217152456.3f377069.martin_ml@parvat.com>;
	from martin_ml@parvat.com on Fri, Dec 17, 2004 at 03:24:56PM +0530
Topicbox-Message-UUID: 19eadbee-eace-11e9-9e20-41e7f4b1d025

On Fri, Dec 17, 2004 at 03:24:56PM +0530, Martin C.Atkins wrote:
> 2) The user-filesystem-daemon only has to run as root during initialisation,
> everything else runs as the user.
> 
> 3) The user-filesystem-daemon can enforce file ownership (as the user) in
> the served directory hierarchy. It can also force off setuid bits, etc.
> Furthermore, users can only attach their fileservers to their own daemons!
> (A bit like per-process mount tables - of course, linux has this already, but
> not in a very user-friendly form)

So while it's running,  I can use gdb to attach to it and get around any security
it's trying to enforce (turn setuid back on,  change ownership to root,  etc).

DF