* Re: [9fans] truly hidden files!
@ 2017-11-02 17:20 cinap_lenrek
0 siblings, 0 replies; 4+ messages in thread
From: cinap_lenrek @ 2017-11-02 17:20 UTC (permalink / raw)
To: 9fans
the point is that *YOU* control where to bind stuff in your
own namespaces. if you do not trust that directory, then
do not bind it over /dev or /bin or any part where programs
expect some sanity. the fact that you see or not see the files
does not matter. say you take someones contrib directory and
bind it before /bin. then the people controlling that directory
can make files appear and disappear and replace your /bin/rc.
you also need to trust the hostowner of the machines you
do your computation on.
--
cinap
^ permalink raw reply [flat|nested] 4+ messages in thread
* [9fans] truly hidden files!
2017-11-02 16:39 cinap_lenrek
@ 2017-11-02 16:56 ` Giacomo Tesio
0 siblings, 0 replies; 4+ messages in thread
From: Giacomo Tesio @ 2017-11-02 16:56 UTC (permalink / raw)
I don't know... but it must be something important! :-)
Btw, /dev/null is just an example: the strange thing is that a file
that does not appear in a 'cat folder/' can be opened in place of a
file that is visible there.
When you list a union you can see several files with the same name, so
you know what you are going to open. But here you can open a file that
is not actually visible in the containing folder.
Giacomo
2017-11-02 17:39 GMT+01:00 <cinap_lenrek at felloff.net>:
> what do you not understand about private namespaces?
>
> --
> cinap
>
^ permalink raw reply [flat|nested] 4+ messages in thread
* Re: [9fans] truly hidden files!
@ 2017-11-02 16:39 cinap_lenrek
2017-11-02 16:56 ` Giacomo Tesio
0 siblings, 1 reply; 4+ messages in thread
From: cinap_lenrek @ 2017-11-02 16:39 UTC (permalink / raw)
To: 9fans
what do you not understand about private namespaces?
--
cinap
^ permalink raw reply [flat|nested] 4+ messages in thread
* [9fans] truly hidden files!
@ 2017-11-02 16:26 Giacomo Tesio
0 siblings, 0 replies; 4+ messages in thread
From: Giacomo Tesio @ 2017-11-02 16:26 UTC (permalink / raw)
To: Fans of the OS Plan 9 from Bell Labs
Hi, while debugging a 9P2000 file server I realized that it's very
easy to hide file or folders in Plan 9: just don't include them in the
Rreads of the parent directory.
Given the protocol, I know I'm stating the obvious, but the effect
still surprises me.
Such files/folder would be accessible to programs knowing their exact
names but not visible to the poor user who ignore them.
I wonder if this can be turned to a security issue.
Eg an invisible pipe named "null" and bound before to /dev could
receive top secret data you wanted to destroy.
Giacomo
PS: knowing a program that use these hidden files, /proc/n/fd would
still reveal their path, but the path could still appear legitimate
like the case of /dev/null.
^ permalink raw reply [flat|nested] 4+ messages in thread
end of thread, other threads:[~2017-11-02 17:20 UTC | newest]
Thread overview: 4+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2017-11-02 17:20 [9fans] truly hidden files! cinap_lenrek
-- strict thread matches above, loose matches on Subject: below --
2017-11-02 16:39 cinap_lenrek
2017-11-02 16:56 ` Giacomo Tesio
2017-11-02 16:26 Giacomo Tesio
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).