* [9fans] authenticating local server
@ 2008-02-19 19:17 Steve Simon
2008-02-20 4:25 ` Skip Tavakkolian
2008-02-20 18:16 ` Russ Cox
0 siblings, 2 replies; 3+ messages in thread
From: Steve Simon @ 2008-02-19 19:17 UTC (permalink / raw)
To: 9fans
Hi,
I have a file server which posts a file descriptor in /srv
the idea is that this will be run from cpurc so httpd can
mount it.
In my naive implementation the server runs as bootes so it
has different access to files to the httpd which normally runs
as none.
I can just call becomenone() in the start of the server but is
there a better (but not too complex) way to do this using the
username presented to attach so my server gets the apropriate
permissions no matter who mounts it.
-Steve
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [9fans] authenticating local server
2008-02-19 19:17 [9fans] authenticating local server Steve Simon
@ 2008-02-20 4:25 ` Skip Tavakkolian
2008-02-20 18:16 ` Russ Cox
1 sibling, 0 replies; 3+ messages in thread
From: Skip Tavakkolian @ 2008-02-20 4:25 UTC (permalink / raw)
To: 9fans
since nobody well qualified has answered this, i'll go out on a limb
and answer at the risk of unleashing somebody's wrath :)
the question is confusing to me and i'm guessing at what you are trying
to do. you could authenticate the user, launch a httpd for
that user and redirect the user to it. I believe this is how pegasus
works. then your fs on /srv could require authentication.
> Hi,
>
> I have a file server which posts a file descriptor in /srv
> the idea is that this will be run from cpurc so httpd can
> mount it.
>
> In my naive implementation the server runs as bootes so it
> has different access to files to the httpd which normally runs
> as none.
>
> I can just call becomenone() in the start of the server but is
> there a better (but not too complex) way to do this using the
> username presented to attach so my server gets the apropriate
> permissions no matter who mounts it.
>
> -Steve
^ permalink raw reply [flat|nested] 3+ messages in thread
* Re: [9fans] authenticating local server
2008-02-19 19:17 [9fans] authenticating local server Steve Simon
2008-02-20 4:25 ` Skip Tavakkolian
@ 2008-02-20 18:16 ` Russ Cox
1 sibling, 0 replies; 3+ messages in thread
From: Russ Cox @ 2008-02-20 18:16 UTC (permalink / raw)
To: 9fans
> I have a file server which posts a file descriptor in /srv
> the idea is that this will be run from cpurc so httpd can
> mount it.
>
> In my naive implementation the server runs as bootes so it
> has different access to files to the httpd which normally runs
> as none.
>
> I can just call becomenone() in the start of the server but is
> there a better (but not too complex) way to do this using the
> username presented to attach so my server gets the apropriate
> permissions no matter who mounts it.
the short answer is no.
the longer answer involves subverting the authentication
system via speaksfor and /dev/caphash.
russ
^ permalink raw reply [flat|nested] 3+ messages in thread
end of thread, other threads:[~2008-02-20 18:16 UTC | newest]
Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2008-02-19 19:17 [9fans] authenticating local server Steve Simon
2008-02-20 4:25 ` Skip Tavakkolian
2008-02-20 18:16 ` Russ Cox
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).