Subject: Re: Need some advice regarding portable user IDs
To: None <wsanchez@apple.com>
From: Michael C. Richardson <mcr@sandelman.ottawa.on.ca>
List: tech-userlevel
Date: 08/18/1999 08:18:50
>>>>> "Wilfredo" == Wilfredo Sanchez <wsanchez@apple.com> writes:
Wilfredo> I think the desired behaviour would be that since this is
Wilfredo> effectively now Joe's zip disk, he should be able to do as he
Wilfredo> pleases. One proposal might be to give the console user the
Wilfredo> equivalent of root's privileges on any removable media he inserts
Right now, with MSDOS floppies, with no userids, the user owning the
mount point gets his userid applied to the entire disk. This allows me to
mount my floppies, etc. on mount points that I own, and I own all
the resulting files. I think you want the same thing as an option for
UFS mounts.
Wilfredo> Presumably the console user is the one fiddling with the external
Wilfredo> media.
I don't think this is entirely true, and it isn't a useful or enforceable
restriction.
Wilfredo> As another example, a similar situation often comes up on the net
Wilfredo> with tar files containing UIDs and GIDs other than zero.
Only with SYSV chown semantics that allow non-root to make files not
owned by them.
Wilfredo> So perhaps there needs to be a way to mark a drive as local
Wilfredo> (perhaps with a host ID of some sort?) and noticing when a volume is
Wilfredo> "foreign" that you need to do something special. Certainly you might
Wilfredo> want to ignore setuid bits, for starters. This could simply be
Wilfredo> something like fstab, which lists the local drives, and everything
Wilfredo> else isn't considered local.
This is solved by having the "nouid" or somesuch thing added to /etc/fstab
by the admin who knows which ones should be trusted. Linux provides "user"
to get the behaviour that we get for free.
Wilfredo> Has anyone dived into this area already and have some experience
Wilfredo> with it? It's confusing me pretty good.
See what AT&T did with RFS. This may be a negative example (i.e. don't do
this).
:!mcr!: | Cow#1: Are you worried about getting Mad Cow Disease?
Michael Richardson | Cow#2: No. I'm a duck.
Home: mcr@sandelman.ottawa.on.ca. PGP key available.