From owner-freebsd-hackers Wed Nov 27 14:18:30 1996 Return-Path: owner-hackers Received: (from root@localhost) by freefall.freebsd.org (8.7.5/8.7.3) id OAA16533 for hackers-outgoing; Wed, 27 Nov 1996 14:18:30 -0800 (PST) Received: from alpo.whistle.com (alpo.whistle.com [207.76.204.38]) by freefall.freebsd.org (8.7.5/8.7.3) with ESMTP id OAA16503 for ; Wed, 27 Nov 1996 14:18:22 -0800 (PST) Received: from current1.whistle.com (current1.whistle.com [207.76.205.22]) by alpo.whistle.com (8.8.2/8.8.2) with SMTP id OAA19060; Wed, 27 Nov 1996 14:09:42 -0800 (PST) Message-ID: <329CBC11.59E2B600@whistle.com> Date: Wed, 27 Nov 1996 14:09:21 -0800 From: Julian Elischer Organization: Whistle Communications X-Mailer: Mozilla 3.0Gold (X11; I; FreeBSD 2.2-CURRENT i386) MIME-Version: 1.0 To: "Hr.Ladavac" CC: wpaul@skynet.ctr.columbia.edu, terry@lambert.org, sprice@hiwaay.net, hackers@freebsd.org Subject: Re: looking for an idea References: <199611271305.AA071569903@ws2301.gud.siemens.co.at> Content-Type: text/plain; charset=us-ascii Content-Transfer-Encoding: 7bit Sender: owner-hackers@freebsd.org X-Loop: FreeBSD.org Precedence: bulk Hr.Ladavac wrote: > > E-mail message from Julian Elischer contained: > > Bill Paul wrote: > > > > > > > > If YOU ( the server) are root.... > > > > make a file owned by them mode 400 > > require them to open it and send you the file descriptor via AF_UNIX > > > > check it matches.. > > if it does, then > > 1/ the are themselves > > or > > 2/ they are root (game over) > > Or > 3) they made a hard link, opened that, and sent you the > file descriptor. hard links have the same ownership as the original! and only the owner can make one anyhow, so they have to be the correct user to do this.... > > The only protection agains that is a partition writable only > by root where these files are to live--almost as bad as > procfs. > > /Marino