From mboxrd@z Thu Jan  1 00:00:00 1970
X-Spam-Checker-Version: SpamAssassin 3.4.4 (2020-01-24) on inbox.vuxu.org
X-Spam-Level: 
X-Spam-Status: No, score=0.0 required=5.0 tests=none autolearn=ham
	autolearn_force=no version=3.4.4
Received: (qmail 18007 invoked from network); 18 Dec 2022 20:31:14 -0000
Received: from 9front.inri.net (168.235.81.73)
  by inbox.vuxu.org with ESMTPUTF8; 18 Dec 2022 20:31:14 -0000
Received: from duke.felloff.net ([216.126.196.34]) by 9front; Sun Dec 18 15:29:50 -0500 2022
Message-ID: <50132FE0A83DDFE85A34164113370DB9@felloff.net>
Date: Sun, 18 Dec 2022 21:29:40 +0100
From: cinap_lenrek@felloff.net
To: 9front@9front.org
In-Reply-To: <C8B1A836-6210-42AF-9C3C-AA2D3B003018@stanleylieber.com>
MIME-Version: 1.0
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
List-ID: <9front.9front.org>
List-Help: <http://lists.9front.org>
X-Glyph: ➈
X-Bullshit: shared converged browser app out-scaling hardware scripting API 
Subject: Re: [9front] cwfs footgun
Reply-To: 9front@9front.org
Precedence: bulk

> by default, when cwfs is listening on port 564, anyone can attach as user none.
> nonone disables it.

correct. this was the default behaviour of the kenfs fileserver.

"nonoe" was added by 9front later in case you do not want to give everyone
on the internet access to all "world readable" files.

btw.

netaudit(8) will also check for this now, trying if it can dial the fileserver
and attach as "none" without authentication and see if it succeeds.

--
cinap