Coda File System

Re: process authentication groups (resent)

From: Pavel Machek <pavel_at_elf.ucw.cz>
Date: Tue, 12 May 1998 23:53:57 +0200
Hi!

> Many Unices have a "setpag" (I called it "newpag") system call through
> which a process puts itself into a new process authentication group - a
> new field in process structure. Mostly setpag is called by "login-type"
> programs, and inherited by fork. This serves authentication which is
> not necessarily uid based. 
> 
> Filesystems like AFS and Coda like this system for authentication and
> SMBFS etc could equally use it to their advantage. 
> 
> Will you consider this mini patch which gives us "newpag" and "getpag"
> system calls, implemented by the students cc'd above?  It puts an extra
> unsigned long in the process structure and defines two mini syscalls and
> an entry in the /proc/status output.

How do standart ps-tools, top and similar behave when they see this
new field? 

Also: we already have secondary groups. Can not they be
used for just this purpose? Newpag would just add on-the-fly generated
id into list of secondary groups...

Also: Suppose I'm root and I have pag 123. I want to exec
potentially-dangerous program. How do I do it?

	I used to do
		su nobody
		./program

I do not see syscall to loose pag in there. I think it is needed. What
do you think?

Ok, suppose root wants to sneak into someone else's PAG. How does he
do it?
								Pavel
-- 
I'm really pavel_at_atrey.karlin.mff.cuni.cz. 	   Pavel
Look at http://atrey.karlin.mff.cuni.cz/~pavel/ ;-).
Received on 1998-05-13 15:26:00