From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: From: David Presotto To: 9fans@cse.psu.edu Subject: Re: [9fans] permission bit of /mail/box In-Reply-To: <2E2DA000-ECA2-11D7-BC2F-000393A941BC@ar.aichi-u.ac.jp> MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="upas-qeygadolsejoewyzyspwuxxzci" Date: Mon, 22 Sep 2003 10:35:59 -0400 Topicbox-Message-UUID: 4133b2cc-eacc-11e9-9e20-41e7f4b1d025 This is a multi-part message in MIME format. --upas-qeygadolsejoewyzyspwuxxzci Content-Disposition: inline Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Then don't use it. We have a very open environment at the labs. Lots of non-critical stuff is in directories or files that anyone can muck with. All systems stuff isn't. There has to be an ability to create `trust everyone' files and directories in such an environment. If you want to hack your file server to not allow it, that's why the source is open. If you are arguing that its too easy to leak things if you leave anything writable except by small interest groups, then you end up spending a lot of time changing group membership. Eventually, every group ends up being way too inclusive. You are right that, lacking proper protection modes, the catch all can be too easily used in inappropriate ways (like for /mail/box). I believe that chopping off everyones hands to avoid anyone stealing is perhaps not the best solution. I think the boyd/geoff/rminnich/alii solution to make the 'a' bit meaningful in directories is a good one. The trick is making it intuitive also so that people are less likely to make mistakes. --upas-qeygadolsejoewyzyspwuxxzci Content-Type: message/rfc822 Content-Disposition: inline Received: from plan9.cs.bell-labs.com ([135.104.9.2]) by plan9; Sun Sep 21 22:13:42 EDT 2003 Received: from mail.cse.psu.edu ([130.203.4.6]) by plan9; Sun Sep 21 22:13:40 EDT 2003 Received: by mail.cse.psu.edu (CSE Mail Server, from userid 60001) id 5A16A19BBD; Sun, 21 Sep 2003 22:13:16 -0400 (EDT) Received: from psuvax1.cse.psu.edu (psuvax1.cse.psu.edu [130.203.6.6]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id A8FB819B96; Sun, 21 Sep 2003 22:13:12 -0400 (EDT) X-Original-To: 9fans@cse.psu.edu Delivered-To: 9fans@cse.psu.edu Received: by mail.cse.psu.edu (CSE Mail Server, from userid 60001) id 7445919BC2; Sun, 21 Sep 2003 22:12:23 -0400 (EDT) Received: from ar.aichi-u.ac.jp (ar.aichi-u.ac.jp [202.250.160.40]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id 2021619BBD for <9fans@cse.psu.edu>; Sun, 21 Sep 2003 22:12:22 -0400 (EDT) Received: from ar.aichi-u.ac.jp ([61.211.131.3]) by ar; Mon Sep 22 11:12:19 JST 2003 X-warning: suspect envelope domain X-warning: suspect From: domain Subject: Re: [9fans] permission bit of /mail/box Content-Type: text/plain; charset=US-ASCII; format=flowed Mime-Version: 1.0 (Apple Message framework v552) From: Kenji Arisawa To: 9fans@cse.psu.edu Content-Transfer-Encoding: 7bit In-Reply-To: Message-Id: <2E2DA000-ECA2-11D7-BC2F-000393A941BC@ar.aichi-u.ac.jp> X-Mailer: Apple Mail (2.552) Sender: 9fans-admin@cse.psu.edu Errors-To: 9fans-admin@cse.psu.edu X-BeenThere: 9fans@cse.psu.edu X-Mailman-Version: 2.0.11 Precedence: bulk Reply-To: 9fans@cse.psu.edu List-Id: Fans of the OS Plan 9 from Bell Labs <9fans.cse.psu.edu> List-Archive: Date: Mon, 22 Sep 2003 11:12:13 +0900 X-Spam-Status: No, hits=-0.5 required=5.0 tests=IN_REP_TO,USER_AGENT_APPLEMAIL version=2.55 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp) What I don't understand is the needs for the directory to allow anyone to do anything. I am afraid that the existence of such a directory is something like a trap door. Kenji Arisawa --upas-qeygadolsejoewyzyspwuxxzci--