Re: [9fans] A few questions about 9p

[Giacomo Tesio <giacomo@tesio.it>]

[-- Attachment #1: Type: text/plain, Size: 1814 bytes --]

Il 29/Gen/2015 11:12 "Charles Forsyth" <charles.forsyth@gmail.com> ha
scritto:
>
>
> On 29 January 2015 at 09:04, Giacomo Tesio <giacomo@tesio.it> wrote:
>>
>> What's the meaning of qids? I see that responses often include them but
request messages do not.
>
>     see intro(5) or intro(9P) depending on system. They identify a file
on a server; they are a value provided by the server to the client,
>     so they only appear in replies.

Thanks Charles for your answer.
Actually I can't imagine it's usage in the client.  I mean: clients should
use path to identify files, shouldn't them?

>>
>> What's the proper message sequence to delete a file? And to delete a non
empty directly?
>
>     You point a fid at the file, then remove it:    Twalk* ... Tremove
>     A non-empty directory can't be removed.
>     Tremove implies Tclunk

Ehm... I didn't saw the Tremove message.. sorry.

>>
>> I can't find details on the file execution permission: looks like a
malicious client could just ignore it on files and execute anything that it
can read (obviously I'm just talking about single files,  not directory).
>
>     It's not malicious, just incorrect. Obviously you can't execute a
remote image or script unless you read it.

By malicious I mean that the client could execute a script that it wasn't
allowed to.

Actually if we separate storage and execution, that's probably inevitable.

>>
>> When I should clunk the afid?
>
>     When the client closes it.

Ok but when should the client close it?

Is it still valid to Tattach after the afid has been closed? How many
times? I'm thinking about potential security issues allowing an attacker to
attach a file server just guessing the afid provided by another user.

Thanks again for your help!

Giacomo

[-- Attachment #2: Type: text/html, Size: 2362 bytes --]