From mboxrd@z Thu Jan 1 00:00:00 1970 To: 9fans@cse.psu.edu Subject: Re: [9fans] authenticating local server From: "Russ Cox" Date: Wed, 20 Feb 2008 13:16:58 -0500 In-Reply-To: MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Message-Id: <20080220181652.376181E8C1C@holo.morphisms.net> Topicbox-Message-UUID: 5d0e12b0-ead3-11e9-9d60-3106f5b1d025 > I have a file server which posts a file descriptor in /srv > the idea is that this will be run from cpurc so httpd can > mount it. > > In my naive implementation the server runs as bootes so it > has different access to files to the httpd which normally runs > as none. > > I can just call becomenone() in the start of the server but is > there a better (but not too complex) way to do this using the > username presented to attach so my server gets the apropriate > permissions no matter who mounts it. the short answer is no. the longer answer involves subverting the authentication system via speaksfor and /dev/caphash. russ