(Illustration by Gaich Muramatsu)
On Thu, Mar 10, 2005 at 05:53:41PM -0500, Jan Harkes wrote: > Actually, there is this annoying bug where a user with expired tokens > gets EACCESS on everything, even on those files that are accessible by > System:Anyuser. I am a bit concerned about letting anyone with expired tokens to access things as System:Anyuser. As System:Anyuser means tokenless connections to the server, I may miss when my tokens expired, and unexpectedly lose the guarantee of server authenticity. I have the guarantee while I am using authenticated access (at least as long as nobody else fetches the objects before I do). What we would possibly need is to mark each object in the cache as "fetched authenticated" vs "unauthenticated" and provide a way for a user to postulate "I want authenticated access _only_". ^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^^ Then I would be guaranteed to never fetch files (thinking, say, of executables) when I do not know the server autnenticity (i.e. without tokens) and could neither unexpectedly get an object insecurely fetched by somebody else. Of course, this would lead sometimes to double fetches: when I access an anonymously cached object, I should trigger a new fetch to be able to access the contents, or be refused the access if I do not have a suitable token. > Only figured that one out a couple of days ago. I think it got > introduced with or shortly after the realms code got merged, so the > problem has been around for a while. It is at least a bit safer situation than otherwise. > > I am suspicious of how venus handles revoking objects in the cache > > that are still open in the kernel. I don't have $HOME in coda, just > > bits that I symlink in, so I am much less likely to have files open > > all the time. I have $HOME on Coda and I do not experience problems when tokens expire. On the other side, I am not using disconnected operation on $HOME. Most often not write disconnected either. When using multiple computers and disconnected operation, bash and mozilla (or any other program unscrupulously updating $HOME/dotfiles) are a disaster. One may want to configure bash so that different sessions do not use the same .bash_history, and mozilla - for different profiles. On the other side, with a bit of discipline in reintegrating, it is very nice to have the same mozilla setup and bookmarks everywhere :) Regards, -- IvanReceived on 2005-03-11 02:48:19