Coda File System

Re: Realm access

From: Jan Harkes <jaharkes_at_cs.cmu.edu>
Date: Mon, 23 Jun 2003 00:33:32 -0400
On Sun, Jun 22, 2003 at 01:31:52PM -0400, Samir Patel wrote:
> Now that Coda uses realms, it's very easy to try connecting to various
> hostnames to see if they run coda (just have to type cd
> /coda/<servername> ).  Is there anyway to limit access to a Coda realm

This has always been possible, it is just a lot easier now :)

I'm not sure what you want to do, but technically you can create IN SRV
entries in DNS that redirect to your 'recommended' set of root-servers.

_codasrv._udp.internal.coda.server.name IN SRV 0 0 2432 root.server1
					IN SRV 0 0 2432 root.server2

etc.

This way, when someone tries to connect to internal.coda.server.name he
will really be talking to the root servers you would prefer. Ofcourse
they will still be mounted as /coda/internal.coda.server.name/. When a
client wants to access a volume hosted by the 'internal' server the
access will ofcourse not be redirected.

If you have clients that access names under /coda that you don't want
resolved which typically only happens with Windows, i.e. /coda/Recycled
you can add a line to /etc/coda/realms with only that name which lists
no servers.

Hmm, rereading the spec it is possible to have an empty IN SRV entries
and get the same effect.

RFC-2782:
    "A Target of "." means that the service is decidedly not available
    at this domain."

    _codasrv._udp.internal.server.name IN SRV 0 0 0 .

So this will make sure that a client will not try to directly connect to
a Coda server on that host as a result of a 'realm mount'. But it will
ofcourse still connect if a Coda 'root server' tells it that it should
go there to access some volume within the realm.

> Assuming someone out there has addressed this sort of security issue,
> can you explain what you did?  If no one has addressed this issue, or
> if the issue is not really an issue... can someone explain?

ACL on the root volume that only allows authenticated users to connect.
With realms a user can pass tokens to venus before connecting to the
realm, so we don't have the lock-out problems we had when a volume that
mounted on /coda didn't allow access for System:AnyUser.

Jan
Received on 2003-06-23 00:35:22