[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: Q: Auth server
|
From: |
Marcus Brinkmann |
|
Subject: |
Re: Q: Auth server |
|
Date: |
Tue, 23 Oct 2001 14:29:27 +0200 |
|
User-agent: |
Mutt/1.3.22i |
On Tue, Oct 23, 2001 at 09:03:59AM +0200, Stefan Karrmann wrote:
> How does the auth server work? I've read the doc (but not the source),
> but I still have only a vague idea about it.
> Mainly the translators check who opens (or modifies ?) a node using
> auth? But how looks the protocol?
Please look into my talk in the Documentation part of the Hurd web page.
It is a handshake protocol, the user provides the server with a rendevouz
port, the user and the server pass the rendevouz port to the auth server,
which matches them. As auth knows about the user ids (it is the authority
for it), it can pass them to the server, while the user will get a special
server port that was provided to auth by the server.
> What prevents a user to set up a loop-like translator, modify some
> setuids et. al. on the fs-image to obtain root privileges, for example?
The user needs a port to the auth server that represents the user ids. It
won't get such a port by modifying some bits in a data storage owned by the
user.
> Or can only user X translators provide user X setuid?
Well, he can do with the filesystem what he wants, so he might make it look
like the executable is owned by root and suid. But if the translator
doesn't run with root privileges itself, it won't be able to make the suid bit
effective. Suid root only works among the trusted system servers which run
as root, or if you have the root id already among your effective user ids (I
think).
Thanks,
Marcus
--
`Rhubarb is no Egyptian god.' Debian http://www.debian.org brinkmd@debian.org
Marcus Brinkmann GNU http://www.gnu.org marcus@gnu.org
Marcus.Brinkmann@ruhr-uni-bochum.de
http://www.marcus-brinkmann.de
- Q: Auth server, Stefan Karrmann, 2001/10/23
- Re: Q: Auth server,
Marcus Brinkmann <=