Friday, July 13, 2007

Re: [BLUG] Unix conventions for controlling file access

I agree with Dave, this does sound like security theatre. However,
according to someone in #kernel on freenode, this technique is decades
old, so it predates a lot of security practices. It doesn't mean it's a
good idea, though. It could just be that sloppy programmers are not
closing their files before unlinking them.

I've never seen it before and it seemed to be the cause of a problem so I
was ready to blame it. I'm still not sure.

I think from a system administrator's point of view, it seems like a
really stupid idea, but from a programmer's point of view, it seems like
a great idea. Just another example of how those two mindsets really are
different.

It's interesting to note that mysql seems to do this too:

# lsof | grep deleted
[snip]
mysqld 31958 mysql 7u REG 9,0 0 15 /tmp/ibwZfdKe (deleted)
mysqld 31958 mysql 13u REG 9,0 0 16 /tmp/ibR0K4tQ (deleted)
mysqld 31959 mysql 6u REG 9,0 0 14 /tmp/ibuPNjWc (deleted)
mysqld 31959 mysql 7u REG 9,0 0 15 /tmp/ibwZfdKe (deleted)
mysqld 31959 mysql 13u REG 9,0 0 16 /tmp/ibR0K4tQ (deleted)

And you can also still access such deleted files by going into /proc/<pid>/fd

Mark

On Fri, Jul 13, 2007 at 03:33:31PM GMT, Brian Wheeler [bdwheele@indiana.edu] said the following:
> >
> > Sounds like tomfoolery to me. I'd say this qualifies as another act of
> > security theater. I wonder why they would go for this card trick over using
> > actual access control methods.
> >
>
> Well, access controls aside, it is useful for temporary data that you
> definitely want to go away after the process stops. And since multiple
> processes can inherit file descriptors, children of the process that
> opened it can all access it, but others cannot.
>
> > This also sounds like a great way to have their file corrupted.
> >
>
> Corrupted how? It's a file like any other, except the inode has a
> reference count of 0 (+ the open process(es) using it) so it's not in any
> danger of being overwritten by other filesystem activity.
>
>
> Brian
>
>
> > - -Dave

--
Mark Krenz
Bloomington Linux Users Group
http://www.bloomingtonlinux.org/
_______________________________________________
BLUG mailing list
BLUG@linuxfan.com
http://mailman.cs.indiana.edu/mailman/listinfo/blug
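The open-then-unlink temp-file idiom the thread is arguing about, as an added example that is not code from the thread or from MySQL; it assumes Linux with /proc mounted and a writable /tmp, and the file name template is constructed to resemble the mysqld entries in the lsof output.

```c
/* Added example (not from the thread): the open-then-unlink temp-file idiom.
 * Shows that the inode outlives its name while a descriptor is open
 * (st_nlink == 0) and that on Linux the deleted file is still reachable via
 * /proc/self/fd/<n>, so the idiom hides a path but is not access control. */
#define _POSIX_C_SOURCE 200809L
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>
#include <sys/stat.h>
#include <unistd.h>
/* Open a temp file, then unlink its name right away. Returns fd or -1. */
int open_unlinked_tmp(void) {
    char path[] = "/tmp/ibXXXXXX"; /* constructed template, after the mysqld names above */
    int fd = mkstemp(path);
    if (fd < 0) return -1;
    if (unlink(path) < 0) { close(fd); return -1; }
    return fd; /* name is gone; the open descriptor keeps the inode alive */
}
/* Link count of the inode behind fd: 0 means no name, data still present. */
long link_count(int fd) {
    struct stat st;
    return fstat(fd, &st) < 0 ? -1 : (long)st.st_nlink;
}
/* Write msg, rewind, read it back through the same descriptor. */
int roundtrip(int fd, const char *msg, char *buf, size_t buflen) {
    size_t n = strlen(msg);
    if (write(fd, msg, n) != (ssize_t)n || lseek(fd, 0, SEEK_SET) < 0) return -1;
    ssize_t got = read(fd, buf, buflen - 1);
    if (got < 0) return -1;
    buf[got] = '\0';
    return (int)got;
}
/* Re-open the deleted file by its /proc/self/fd/<n> path, as noted in the thread. */
int reopen_via_proc(int fd) {
    char procpath[64];
    snprintf(procpath, sizeof procpath, "/proc/self/fd/%d", fd);
    return open(procpath, O_RDONLY);
}
int main(void) {
    int fd = open_unlinked_tmp();
    char buf[64];
    if (fd < 0 || roundtrip(fd, "hello", buf, sizeof buf) < 0) return 1;
    printf("nlink=%ld data=%s proc_reopen=%s\n", link_count(fd), buf,
           reopen_via_proc(fd) >= 0 ? "ok" : "failed");
    return 0;
}
```

Running it under lsof shows the same "(deleted)" entry as the mysqld lines above, and the /proc re-open succeeds for the owning user or root.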
