Re: [9fans] can any user create files as bootes?

Re: [9fans] can any user create files as bootes?

[David Presotto]

[-- Attachment #1: Type: text/plain, Size: 765 bytes --]

Cool!

After telnetd remakes your namespace, the current directory is still
under the old namespace.  Normally this wouldn't be a problem since
the listener should be running as 'none' and should have created a
new namespace and cd'd to /usr/none.  However, you also have no
/usr/none so, although the namespace has been rebuilt twice, your
current directory is still from two namespaces ago.

Thanks much, this is a bad hole for anyone that doesn't have a
/usr/none.  Until I fix it, create a directory /usr/none with the
following protections:

d-rwxrwxr-x M 647925 none none 0 Mar 28  2000 /usr/none

That should leave the no home directory user in /usr/none when he
logs in and with no permissions to write any files that aren't
world writable.

[-- Attachment #2: Type: message/rfc822, Size: 3413 bytes --]

From: YAMANASHI Takeshi <uncover@beat.cc.titech.ac.jp>
To: 9fans@cse.psu.edu
Subject: [9fans] can any user create files as bootes?
Date: Mon, 7 Jul 2003 15:22:22 +0900
Message-ID: <d86192d20908ec1263fd26523353bd41@orthanc.cc.titech.ac.jp>

If a user login but the home directory doesn't exist,
the user lands on somewhere like /usr/bootes and the
user seemingly keeps the permission of bootes.
But the user looses the permission once he have issued
a `cd' command with an absolute path as its argument.

Does this just happen only on my plan 9 system?


I attched the transcription:

% nashi@p9t telnet -r aman
connected to tcp!aman!telnet on /net/tcp/1
user: mma
challenge: 92119
response: 55feacc3
aman#
aman# pwd
/usr/bootes
aman# ls /usr
/usr/bootes
/usr/glenda
/usr/nashi
/usr/sysnashi
aman#
aman# ls -l hoge
--rw-rw-r-- M 8 bootes bootes 0 Jul  7 15:12 hoge
aman# rm hoge
aman# ls -l hoge
ls: hoge: 'hoge' directory entry not found
aman# touch hoge
aman# ls -l hoge
--rw-rw-r-- M 8 bootes bootes 0 Jul  7 15:13 hoge
aman# cd ../../usr/bootes
aman# ls -l fuga
ls: fuga: 'fuga' directory entry not found
aman# touch fuga
aman# ls -l fuga
--rw-rw-r-- M 8 bootes bootes 0 Jul  7 15:14 fuga
aman#
aman#
aman# cd /usr/bootes
aman# ls -l foo
ls: foo: 'foo' directory entry not found
aman# touch foo
touch: foo: cannot create: access permission denied
aman# rm hoge
rm: hoge: access permission denied
aman# rm fuga
rm: fuga: access permission denied
aman#
aman# exit

[9fans] can any user create files as bootes?

[YAMANASHI Takeshi]

If a user login but the home directory doesn't exist,
the user lands on somewhere like /usr/bootes and the
user seemingly keeps the permission of bootes.
But the user looses the permission once he have issued
a `cd' command with an absolute path as its argument.

Does this just happen only on my plan 9 system?


I attched the transcription:

% nashi@p9t telnet -r aman
connected to tcp!aman!telnet on /net/tcp/1
user: mma
challenge: 92119
response: 55feacc3
aman#
aman# pwd
/usr/bootes
aman# ls /usr
/usr/bootes
/usr/glenda
/usr/nashi
/usr/sysnashi
aman#
aman# ls -l hoge
--rw-rw-r-- M 8 bootes bootes 0 Jul  7 15:12 hoge
aman# rm hoge
aman# ls -l hoge
ls: hoge: 'hoge' directory entry not found
aman# touch hoge
aman# ls -l hoge
--rw-rw-r-- M 8 bootes bootes 0 Jul  7 15:13 hoge
aman# cd ../../usr/bootes
aman# ls -l fuga
ls: fuga: 'fuga' directory entry not found
aman# touch fuga
aman# ls -l fuga
--rw-rw-r-- M 8 bootes bootes 0 Jul  7 15:14 fuga
aman#
aman#
aman# cd /usr/bootes
aman# ls -l foo
ls: foo: 'foo' directory entry not found
aman# touch foo
touch: foo: cannot create: access permission denied
aman# rm hoge
rm: hoge: access permission denied
aman# rm fuga
rm: fuga: access permission denied
aman#
aman# exit