[9fans] authenticating local server - Plan9

This is a discussion on [9fans] authenticating local server - Plan9 ; Hi, I have a file server which posts a file descriptor in /srv the idea is that this will be run from cpurc so httpd can mount it. In my naive implementation the server runs as bootes so it has ...

+ Reply to Thread
Results 1 to 3 of 3

Thread: [9fans] authenticating local server

  1. [9fans] authenticating local server

    Hi,

    I have a file server which posts a file descriptor in /srv
    the idea is that this will be run from cpurc so httpd can
    mount it.

    In my naive implementation the server runs as bootes so it
    has different access to files to the httpd which normally runs
    as none.

    I can just call becomenone() in the start of the server but is
    there a better (but not too complex) way to do this using the
    username presented to attach so my server gets the apropriate
    permissions no matter who mounts it.

    -Steve

  2. Re: [9fans] authenticating local server

    since nobody well qualified has answered this, i'll go out on a limb
    and answer at the risk of unleashing somebody's wrath

    the question is confusing to me and i'm guessing at what you are trying
    to do. you could authenticate the user, launch a httpd for
    that user and redirect the user to it. I believe this is how pegasus
    works. then your fs on /srv could require authentication.


    > Hi,
    >
    > I have a file server which posts a file descriptor in /srv
    > the idea is that this will be run from cpurc so httpd can
    > mount it.
    >
    > In my naive implementation the server runs as bootes so it
    > has different access to files to the httpd which normally runs
    > as none.
    >
    > I can just call becomenone() in the start of the server but is
    > there a better (but not too complex) way to do this using the
    > username presented to attach so my server gets the apropriate
    > permissions no matter who mounts it.
    >
    > -Steve



  3. Re: [9fans] authenticating local server

    > I have a file server which posts a file descriptor in /srv
    > the idea is that this will be run from cpurc so httpd can
    > mount it.
    >
    > In my naive implementation the server runs as bootes so it
    > has different access to files to the httpd which normally runs
    > as none.
    >
    > I can just call becomenone() in the start of the server but is
    > there a better (but not too complex) way to do this using the
    > username presented to attach so my server gets the apropriate
    > permissions no matter who mounts it.


    the short answer is no.

    the longer answer involves subverting the authentication
    system via speaksfor and /dev/caphash.

    russ


+ Reply to Thread