From mboxrd@z Thu Jan 1 00:00:00 1970 Message-ID: From: David Presotto To: uncover@beat.cc.titech.ac.jp, 9fans@cse.psu.edu Subject: Re: [9fans] can any user create files as bootes? MIME-Version: 1.0 Content-Type: multipart/mixed; boundary="upas-urysejxauqpanpsalirvimquxc" Date: Mon, 7 Jul 2003 10:17:42 -0400 Topicbox-Message-UUID: eb6c5e84-eacb-11e9-9e20-41e7f4b1d025 This is a multi-part message in MIME format. --upas-urysejxauqpanpsalirvimquxc Content-Disposition: inline Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Cool! After telnetd remakes your namespace, the current directory is still under the old namespace. Normally this wouldn't be a problem since the listener should be running as 'none' and should have created a new namespace and cd'd to /usr/none. However, you also have no /usr/none so, although the namespace has been rebuilt twice, your current directory is still from two namespaces ago. Thanks much, this is a bad hole for anyone that doesn't have a /usr/none. Until I fix it, create a directory /usr/none with the following protections: d-rwxrwxr-x M 647925 none none 0 Mar 28 2000 /usr/none That should leave the no home directory user in /usr/none when he logs in and with no permissions to write any files that aren't world writable. --upas-urysejxauqpanpsalirvimquxc Content-Type: message/rfc822 Content-Disposition: inline Received: from plan9.cs.bell-labs.com ([135.104.9.2]) by plan9; Mon Jul 7 02:23:21 EDT 2003 Received: from mail.cse.psu.edu ([130.203.4.6]) by plan9; Mon Jul 7 02:23:18 EDT 2003 Received: by mail.cse.psu.edu (CSE Mail Server, from userid 60001) id 8D9A519BF7; Mon, 7 Jul 2003 02:23:12 -0400 (EDT) Received: from psuvax1.cse.psu.edu (psuvax1.cse.psu.edu [130.203.4.6]) by mail.cse.psu.edu (CSE Mail Server) with ESMTP id 7448519B27; Mon, 7 Jul 2003 02:23:08 -0400 (EDT) X-Original-To: 9fans@cse.psu.edu Delivered-To: 9fans@cse.psu.edu Received: by mail.cse.psu.edu (CSE Mail Server, from userid 60001) id 4C6B419AEC; Mon, 7 Jul 2003 02:22:45 -0400 (EDT) Received: from mx2.net.titech.ac.jp (mx2.net.titech.ac.jp [131.112.125.31]) by mail.cse.psu.edu (CSE Mail Server) with SMTP id A3C3519A0D for <9fans@cse.psu.edu>; Mon, 7 Jul 2003 02:22:43 -0400 (EDT) Received: (qmail 47630 invoked from network); 7 Jul 2003 06:22:32 -0000 Received: from unknown (HELO vc2.net.titech.ac.jp) (131.112.125.36) by mx2.net.titech.ac.jp with SMTP; 7 Jul 2003 06:22:32 -0000 Received: from unknown (HELO o.cc.titech.ac.jp) (127.0.0.1) by localhost with SMTP; 7 Jul 2003 06:22:32 -0000 Received: from p9t by mail-o.cc.titech.ac.jp (8.11.3/1.1.10.5/20Feb97-0455PM) id h676MRK261344; Mon, 7 Jul 2003 15:22:32 +0900 (JST) Message-ID: To: 9fans@cse.psu.edu From: YAMANASHI Takeshi MIME-Version: 1.0 Content-Type: text/plain; charset="US-ASCII" Content-Transfer-Encoding: 7bit Subject: [9fans] can any user create files as bootes? Sender: 9fans-admin@cse.psu.edu Errors-To: 9fans-admin@cse.psu.edu X-BeenThere: 9fans@cse.psu.edu X-Mailman-Version: 2.0.11 Precedence: bulk Reply-To: 9fans@cse.psu.edu List-Id: Fans of the OS Plan 9 from Bell Labs <9fans.cse.psu.edu> List-Archive: Date: Mon, 7 Jul 2003 15:22:22 +0900 X-Spam-Status: No, hits=0.0 required=5.0 tests=none version=2.55 X-Spam-Level: X-Spam-Checker-Version: SpamAssassin 2.55 (1.174.2.19-2003-05-19-exp) If a user login but the home directory doesn't exist, the user lands on somewhere like /usr/bootes and the user seemingly keeps the permission of bootes. But the user looses the permission once he have issued a `cd' command with an absolute path as its argument. Does this just happen only on my plan 9 system? I attched the transcription: % nashi@p9t telnet -r aman connected to tcp!aman!telnet on /net/tcp/1 user: mma challenge: 92119 response: 55feacc3 aman# aman# pwd /usr/bootes aman# ls /usr /usr/bootes /usr/glenda /usr/nashi /usr/sysnashi aman# aman# ls -l hoge --rw-rw-r-- M 8 bootes bootes 0 Jul 7 15:12 hoge aman# rm hoge aman# ls -l hoge ls: hoge: 'hoge' directory entry not found aman# touch hoge aman# ls -l hoge --rw-rw-r-- M 8 bootes bootes 0 Jul 7 15:13 hoge aman# cd ../../usr/bootes aman# ls -l fuga ls: fuga: 'fuga' directory entry not found aman# touch fuga aman# ls -l fuga --rw-rw-r-- M 8 bootes bootes 0 Jul 7 15:14 fuga aman# aman# aman# cd /usr/bootes aman# ls -l foo ls: foo: 'foo' directory entry not found aman# touch foo touch: foo: cannot create: access permission denied aman# rm hoge rm: hoge: access permission denied aman# rm fuga rm: fuga: access permission denied aman# aman# exit --upas-urysejxauqpanpsalirvimquxc--