On Tue, Oct 23, 2001 at 09:03:59AM +0200, Stefan Karrmann wrote: > How does the auth server work? I've read the doc (but not the source), > but I still have only a vague idea about it. > Mainly the translators check who opens (or modifies ?) a node using > auth? But how looks the protocol?
Please look into my talk in the Documentation part of the Hurd web page. It is a handshake protocol, the user provides the server with a rendevouz port, the user and the server pass the rendevouz port to the auth server, which matches them. As auth knows about the user ids (it is the authority for it), it can pass them to the server, while the user will get a special server port that was provided to auth by the server. > What prevents a user to set up a loop-like translator, modify some > setuids et. al. on the fs-image to obtain root privileges, for example? The user needs a port to the auth server that represents the user ids. It won't get such a port by modifying some bits in a data storage owned by the user. > Or can only user X translators provide user X setuid? Well, he can do with the filesystem what he wants, so he might make it look like the executable is owned by root and suid. But if the translator doesn't run with root privileges itself, it won't be able to make the suid bit effective. Suid root only works among the trusted system servers which run as root, or if you have the root id already among your effective user ids (I think). Thanks, Marcus -- `Rhubarb is no Egyptian god.' Debian http://www.debian.org [EMAIL PROTECTED] Marcus Brinkmann GNU http://www.gnu.org [EMAIL PROTECTED] [EMAIL PROTECTED] http://www.marcus-brinkmann.de _______________________________________________ Help-hurd mailing list [EMAIL PROTECTED] http://mail.gnu.org/mailman/listinfo/help-hurd
