Date: Mon, 21 Aug 2000 19:04:34 -0400 (EDT)
From: Robert Watson <rwatson@freebsd.org>
To: Damian Kuczynski <Damian_Kuczynski@nik.gov.pl>
Cc: freebsd-hackers@freebsd.org
Subject: Re: quotas and file creditentials
Message-ID: <Pine.NEB.3.96L.1000821190207.89810G-100000@fledge.watson.org>
In-Reply-To: <3992A8C7.1B5CC765@nik.gov.pl>

On Thu, 10 Aug 2000, Damian Kuczynski wrote:

> When I tried to analyze a problem with mail.local writing messages to
> a user mailbox over the quota limit I saw that once root opens a file which
> belongs to a nonprivileged user, e.g. test1, and after that drops his
> privileges to this user, then user test1 is able to write to this file as
> much data as he wants and go over his disk quota limits. mail.local works in
> this manner, so it is able to put a user mailbox over quota.
>
> Is this normal, or maybe the file should be written under the permissions
> of the effective user (euid=test1)

Damian,

Cached credentials for file descriptor (socket, file) access are a fairly
widely used phenomenon under UNIX, and probably not something that should be
used; the defined semantics indicate that access checks can occur only on
open(), not necessarily on individual read()/write() calls. However, what
you could do is move the open() in mail.local to after the revocation of
privilege, although you'd want to create the mailbox first with privilege
if it doesn't already exist. This would probably give the correct
semantics from the perspective of quotas. At one point patches to do this
were floating around -- from your message, I think it's safe to assume
that they were not committed. Might be worth checking the archives of
-hackers and -isp.

  Robert N M Watson

robert@fledge.watson.org              http://www.watson.org/~robert/
PGP key fingerprint: AF B5 5F FF A6 4A 79 37  ED 5F 55 E9 58 04 6A B1
TIS Labs at Network Associates, Safeport Network Services
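
The ordering suggested in the reply above, written out as an added example; it is not part of the original message and is not mail.local's code. The helper name deliver(), its parameters and the temporary drop via seteuid()/setegid() are assumptions made for illustration.

```c
#include <errno.h>
#include <fcntl.h>
#include <string.h>
#include <sys/types.h>
#include <unistd.h>

/* Hypothetical helper (not mail.local's code): append msg to mbox on
 * behalf of uid/gid. Returns the number of bytes written, or -1. */
ssize_t deliver(const char *mbox, uid_t uid, gid_t gid, const char *msg)
{
    uid_t saved_uid = geteuid();
    gid_t saved_gid = getegid();
    ssize_t n = -1;
    int fd;

    /* 1. Still privileged: create the mailbox only if it is missing,
     *    give it to the recipient, and close this descriptor again. */
    fd = open(mbox, O_WRONLY | O_CREAT | O_EXCL, 0600);
    if (fd >= 0) {
        int rc = fchown(fd, uid, gid);
        close(fd);
        if (rc != 0)
            return -1;
    } else if (errno != EEXIST) {
        return -1;
    }

    /* 2. Revoke privilege: group first, while we are still allowed to. */
    if (setegid(gid) != 0 || seteuid(uid) != 0)
        goto restore;

    /* 3. Open for writing only now, so the access check made at open()
     *    and the credential kept with the descriptor are the recipient's. */
    fd = open(mbox, O_WRONLY | O_APPEND);
    if (fd >= 0) {
        n = write(fd, msg, strlen(msg));
        close(fd);
    }
restore:
    /* 4. Take privilege back for the next recipient: uid first, then gid. */
    if (seteuid(saved_uid) != 0 || setegid(saved_gid) != 0)
        return -1;
    return n;
}

int main(void)
{   /* Constructed sample: deliver to ourselves, so it also runs without root. */
    return deliver("/tmp/mbox-demo", geteuid(), getegid(), "hello\n") < 0;
}
```

The descriptor from step 1 is never used for the message body; a short or failed write() in step 3 is reported to the caller through the return value.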