[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Q: Auth server

From: Marcus Brinkmann
Subject: Re: Q: Auth server
Date: Tue, 23 Oct 2001 14:29:27 +0200
User-agent: Mutt/1.3.22i

On Tue, Oct 23, 2001 at 09:03:59AM +0200, Stefan Karrmann wrote:
> How does the auth server work? I've read the doc (but not the source),
> but I still have only a vague idea about it.
> Mainly the translators check who opens (or modifies ?) a node using
> auth? But how looks the protocol?

Please look into my talk in the Documentation part of the Hurd web page.
It is a handshake protocol, the user provides the server with a rendevouz
port, the user and the server pass the rendevouz port to the auth server,
which matches them.  As auth knows about the user ids (it is the authority
for it), it can pass them to the server, while the user will get a special
server port that was provided to auth by the server.
> What prevents a user to set up a loop-like translator, modify some
> setuids et. al. on the fs-image to obtain root privileges, for example?

The user needs a port to the auth server that represents the user ids.  It
won't get such a port by modifying some bits in a data storage owned by the

> Or can only user X translators provide user X setuid? 

Well, he can do with the filesystem what he wants, so he might make it look
like the executable is owned by root and suid.  But if the translator
doesn't run with root privileges itself, it won't be able to make the suid bit
effective.  Suid root only works among the trusted system servers which run
as root, or if you have the root id already among your effective user ids (I


`Rhubarb is no Egyptian god.' Debian
Marcus Brinkmann              GNU

reply via email to

[Prev in Thread] Current Thread [Next in Thread]