Coda File System

Re: coda security

From: Ivan Popov <pin_at_medic.chalmers.se>
Date: Wed, 11 Aug 2004 17:49:23 +0200
Hello Jan,

> does coda deny access to the root on the client that does not have
> any account on coda server, but changes identity (su user) to the user
> that has such an account, in order he can manipulate the user's data?

root can access all local objects independent of who is the owner.
It includes cached Coda files, memory image of a Venus process or
the clog command.

There is no protection form root whatsoever on a computer where you clog
and access /coda (root can steal your password, to begin with, and the
tokens as soon as you have got them).

On the other side, a server is totally agnostic of the uids on a client,
it evaluates tokens that a client process presents. In that way,
noone (root or not) on a host where I do not clog could steal my files,
as noone can posess/produce tokens valid for pretending to be me.

Hope it answers your question.

Regards,
--
Ivan
Received on 2004-08-11 11:51:29