Subject: Re: proposed: /usr/src/usr.bin/tcfs/*, needs gdbm, some SUID programs
To: VaX#n8 <vax@carolina.rr.com>
From: Bill Studenmund <wrstuden@netbsd.org>
List: tech-userlevel
Date: 08/26/2004 11:33:58

On Fri, Aug 20, 2004 at 07:14:10PM -0400, Thor Lancelot Simon wrote:
> On Fri, Aug 20, 2004 at 06:31:41PM -0400, VaX#n8 wrote:
> > In message <20040820021634.GW27477@che.ojctech.com>, David Young writes:
> > >What do the suid programs do?  Why do they need to be suid at all?
> >
> > Cursory analysis:
> >
> > It appears the SUID programs need root to perform:
> >
> > mount("tcfs",filesystem,MNT_UPDATE,(void*)arg);
> >
> > This appears to be how TCFS pushes keys into the kernel for
> > use in decrypting files.
>
> Perhaps you should add another system call (or an ioctl?  given that
> we're working on files, that might make much more sense) that normal
> users can perform, instead of abusing the mount syscall this way.

I'd vote for a fcntl(). On NetBSD, there is a portion of the fcntl space
that is sent through to the fs, and a portion of that space is reserved
for fs-specific things. So just use that space for updating keys.

Check out F_FSCTL (indicates goes to fs), F_FSPRIV (fs-specific), and the
other macros in sys/fcntl.h. Pick a letter, say 'T', for your fs and go
from there.

The advantage of an fcntl() for this stuff is that it will go to the fs
regardless of the node type - it still gets to the fs even for device
nodes.

Take care,

Bill
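
Added example, not part of the original message or of the TCFS code: how a filesystem-private fcntl() command built from F_FSCTL, F_FSPRIV and the letter 'T' could be encoded, issued by an unprivileged program, and validated by the filesystem. The tcfs_*/TCFS_* names, the argument struct, the bit positions used for the letter and operation number, and the fallback constant values (assumed to mirror NetBSD's sys/fcntl.h) are assumptions.

```c
#include <fcntl.h>
#include <stdint.h>
#include <stdio.h>
#include <string.h>

/* Fallbacks for non-NetBSD builds; assumed to mirror NetBSD's sys/fcntl.h. */
#ifndef F_FSCTL
#define F_FSCTL      ((int)0x80000000) /* command is passed to the fs */
#define F_FSIN       ((int)0x10000000) /* argument is copied in */
#define F_FSPRIV     ((int)0x00008000) /* command is fs-specific */
#define F_PARAM_MASK 0xfff             /* argument length field */
#endif

/* Everything named tcfs_/TCFS_ below is hypothetical. */
struct tcfs_key_args { uint32_t keylen; uint8_t key[32]; };
#define TCFS_LETTER 'T'
#define TCFS_CMD(num, type) ((int)(unsigned)((unsigned)F_FSCTL | \
    (unsigned)F_FSPRIV | (unsigned)F_FSIN | \
    ((sizeof(type) & F_PARAM_MASK) << 16) | (TCFS_LETTER << 8) | (num)))
#define TCFS_PUTKEY TCFS_CMD(1, struct tcfs_key_args)

/* Checks a filesystem's fcntl handler would make before using the argument. */
int tcfs_cmd_check(int cmd, const struct tcfs_key_args *a) {
    unsigned c = (unsigned)cmd;
    if (!(c & (unsigned)F_FSCTL) || !(c & (unsigned)F_FSPRIV)) return -1;
    if (((c >> 8) & 0x7f) != (unsigned)TCFS_LETTER) return -1; /* not ours */
    if (((c >> 16) & F_PARAM_MASK) != sizeof(*a)) return -1;   /* wrong size */
    if ((c & 0xff) != 1) return -1;                            /* unknown op */
    if (a == NULL || a->keylen == 0 || a->keylen > sizeof(a->key)) return -1;
    return 0;
}

/* Userland side: an unprivileged call on an open file, no SUID helper. */
int tcfs_push_key(int fd, const uint8_t *key, uint32_t len) {
    struct tcfs_key_args a = { .keylen = len };
    if (len == 0 || len > sizeof(a.key)) return -1;
    memcpy(a.key, key, len);
    return fcntl(fd, TCFS_PUTKEY, &a);
}

/* Constructed driver: build an argument and run the handler-side checks. */
int tcfs_demo(int cmd, uint32_t keylen) {
    struct tcfs_key_args a = { .keylen = keylen };
    return tcfs_cmd_check(cmd, &a);
}

int main(void) {
    printf("TCFS_PUTKEY=0x%08x ok=%d oversized=%d\n", (unsigned)TCFS_PUTKEY,
           tcfs_demo(TCFS_PUTKEY, 16), tcfs_demo(TCFS_PUTKEY, 64));
}
```

Since the call no longer needs root, these handler-side checks, together with whatever access check the filesystem applies to the calling user, are the only gate on key updates.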
