Subject: Re: Useful calls taking filehandles
To: Bill Sommerfeld <sommerfeld@orchard.arlington.ma.us>
From: Thor Lancelot Simon <tls@rek.tjls.com>
List: tech-kern
Date: 02/27/1999 01:19:56

On Fri, Feb 26, 1999 at 03:08:06PM -0500, Bill Sommerfeld wrote:
> An interface like this could be very useful for (e.g.) coda and AFS
> servers.
>
> (putting on my security geek hat)
>
> I assume that calls which take a file handle will be restricted to
> root only, securelevel < 2, or thereabouts?

In the spirit of "not allowing permission data to be *modified* at
securelevel > 1" in which I did the ipf and mount(2) changes, I strongly
suggest that at least some of these calls not be allowed at all at
securelevel 2.

Certainly if we're going to rototill the export code, at securelevel 2
or above, changing the export list should be prohibited.

Thor