Subject: Re: proposed: /usr/src/usr.bin/tcfs/*, needs gdbm, some SUID programs
To: VaX#n8 <email@example.com>
From: Bill Studenmund <firstname.lastname@example.org>
Date: 08/26/2004 11:33:58
Content-Type: text/plain; charset=us-ascii
On Fri, Aug 20, 2004 at 07:14:10PM -0400, Thor Lancelot Simon wrote:
> On Fri, Aug 20, 2004 at 06:31:41PM -0400, VaX#n8 wrote:
> > In message <20040820021634.GW27477@che.ojctech.com>, David Young writes:
> > >What do the suid programs do? Why do they need to be suid at all?
> > Cursory analysis:
> > It appears the SUID programs need root to perform:
> > mount("tcfs",filesystem,MNT_UPDATE,(void*)arg);
> > This appears to be how TCFS pushes keys into the kernel for
> > use in decrypting files.
> Perhaps you should add another system call (or an ioctl? given that
> we're working on files, that might make much more sense) that normal
> users can perform, instead of abusing the mount syscall this way.
I'd vote for a fcntl(). On NetBSD, there is a portion of the fcntl space
that is sent through to the fs, and a portion of that space is reserved
for fs-specific things. So just use that space for updating keys.
Check out F_FSCTL (indicates goes to fs), F_FSPRIV (fs-specific), and the
other macros in sys/fcntl.h. Pick a letter, say 'T', for your fs and go
The advantage of an fcntl() for this stuff is that it will go to the fs
regardless of the node type - it still gets to the fs even for device
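
Added example, not part of the original message and not NetBSD or TCFS code: a model of the fs-specific fcntl command scheme the message describes, with the checks a filesystem-side handler would apply before accepting a key from an unprivileged caller. All `EX_`/`ex_` names, the bit layout, the key structure and the command number are assumptions for illustration; the real macros are in sys/fcntl.h.

```c
#include <stddef.h>
#include <stdint.h>

/* Stand-in constants (assumed layout, NOT copied from sys/fcntl.h).
 * They model the scheme named in the message: one bit routes the
 * command to the fs (F_FSCTL), another marks it fs-specific (F_FSPRIV). */
#define EX_FSCTL    0x80000000u /* command goes to the fs */
#define EX_FSIN     0x10000000u /* kernel copies the argument in */
#define EX_FSPRIV   0x00008000u /* command is fs-specific */
#define EX_LEN_MASK 0xfffu      /* argument length field */
#define EX_CMD(fs, num, len)                                  \
    (EX_FSCTL | EX_FSPRIV | EX_FSIN |                         \
     (((uint32_t)(len) & EX_LEN_MASK) << 16) |                \
     ((uint32_t)(fs) << 8) | (uint32_t)(num))

/* Hypothetical key argument and command for a fs that picked 'T'. */
struct ex_tcfs_key { uint8_t key[16]; };
#define EX_TCFS_SETKEY EX_CMD('T', 1, sizeof(struct ex_tcfs_key))

enum ex_verdict {
    EX_OK, EX_NOT_FS, EX_NOT_PRIV, EX_WRONG_FS, EX_UNKNOWN, EX_BAD_LEN
};

/* Validation a fs-side handler would do before touching the argument:
 * reject anything not addressed to this fs or with an unexpected size. */
enum ex_verdict ex_tcfs_check(uint32_t cmd)
{
    if (!(cmd & EX_FSCTL))
        return EX_NOT_FS;            /* not routed to the fs at all */
    if (!(cmd & EX_FSPRIV))
        return EX_NOT_PRIV;          /* generic, not fs-specific */
    if (((cmd >> 8) & 0x7f) != 'T')
        return EX_WRONG_FS;          /* another fs's letter */
    if ((cmd & 0xff) != 1 || !(cmd & EX_FSIN))
        return EX_UNKNOWN;           /* only "set key" is defined here */
    if (((cmd >> 16) & EX_LEN_MASK) != sizeof(struct ex_tcfs_key))
        return EX_BAD_LEN;           /* caller's size does not match */
    return EX_OK;
}

int main(void)
{
    return ex_tcfs_check(EX_TCFS_SETKEY) == EX_OK ? 0 : 1;
}
```

Because the request arrives on a file descriptor the caller already holds, the handler can authorize it against that descriptor's credentials, which is what removes the need for a SUID helper calling mount().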