From: David Presotto <presotto@closedmind.org>
To: uncover@beat.cc.titech.ac.jp, 9fans@cse.psu.edu
Subject: Re: [9fans] can any user create files as bootes?
Date: Mon, 7 Jul 2003 10:17:42 -0400 [thread overview]
Message-ID: <e3852588aa8a4558719fcfcfe56c579f@plan9.bell-labs.com> (raw)
[-- Attachment #1: Type: text/plain, Size: 765 bytes --]
Cool!
After telnetd remakes your namespace, the current directory is still
under the old namespace. Normally this wouldn't be a problem since
the listener should be running as 'none' and should have created a
new namespace and cd'd to /usr/none. However, you also have no
/usr/none so, although the namespace has been rebuilt twice, your
current directory is still from two namespaces ago.
Thanks much, this is a bad hole for anyone that doesn't have a
/usr/none. Until I fix it, create a directory /usr/none with the
following protections:
d-rwxrwxr-x M 647925 none none 0 Mar 28 2000 /usr/none
That should leave the no home directory user in /usr/none when he
logs in and with no permissions to write any files that aren't
world writable.
[-- Attachment #2: Type: message/rfc822, Size: 3413 bytes --]
From: YAMANASHI Takeshi <uncover@beat.cc.titech.ac.jp>
To: 9fans@cse.psu.edu
Subject: [9fans] can any user create files as bootes?
Date: Mon, 7 Jul 2003 15:22:22 +0900
Message-ID: <d86192d20908ec1263fd26523353bd41@orthanc.cc.titech.ac.jp>
If a user login but the home directory doesn't exist,
the user lands on somewhere like /usr/bootes and the
user seemingly keeps the permission of bootes.
But the user looses the permission once he have issued
a `cd' command with an absolute path as its argument.
Does this just happen only on my plan 9 system?
I attched the transcription:
% nashi@p9t telnet -r aman
connected to tcp!aman!telnet on /net/tcp/1
user: mma
challenge: 92119
response: 55feacc3
aman#
aman# pwd
/usr/bootes
aman# ls /usr
/usr/bootes
/usr/glenda
/usr/nashi
/usr/sysnashi
aman#
aman# ls -l hoge
--rw-rw-r-- M 8 bootes bootes 0 Jul 7 15:12 hoge
aman# rm hoge
aman# ls -l hoge
ls: hoge: 'hoge' directory entry not found
aman# touch hoge
aman# ls -l hoge
--rw-rw-r-- M 8 bootes bootes 0 Jul 7 15:13 hoge
aman# cd ../../usr/bootes
aman# ls -l fuga
ls: fuga: 'fuga' directory entry not found
aman# touch fuga
aman# ls -l fuga
--rw-rw-r-- M 8 bootes bootes 0 Jul 7 15:14 fuga
aman#
aman#
aman# cd /usr/bootes
aman# ls -l foo
ls: foo: 'foo' directory entry not found
aman# touch foo
touch: foo: cannot create: access permission denied
aman# rm hoge
rm: hoge: access permission denied
aman# rm fuga
rm: fuga: access permission denied
aman#
aman# exit
next reply other threads:[~2003-07-07 14:17 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-07-07 14:17 David Presotto [this message]
-- strict thread matches above, loose matches on Subject: below --
2003-07-07 6:22 YAMANASHI Takeshi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=e3852588aa8a4558719fcfcfe56c579f@plan9.bell-labs.com \
--to=presotto@closedmind.org \
--cc=9fans@cse.psu.edu \
--cc=uncover@beat.cc.titech.ac.jp \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).