LISTSERV - HP3000-L Archives

HP3000-L Archives

April 1997, Week 1

HP3000-L@RAVEN.UTC.EDU

	LISTSERV Archives
	HP3000-L Home
	HP3000-L April 1997, Week 1

	Log In
	Register

	Subscribe or Unsubscribe

	Search Archives

Options:	Use Monospaced Font Show Text Part by Default Show All Mail Headers
Message:	[<< First] [< Prev] [Next >] [Last >>]
Topic:	[<< First] [< Prev] [Next >] [Last >>]
Author:	[<< First] [< Prev] [Next >] [Last >>]

Subject:	POSIX/MPE security inconsistencies
From:	Mark Bixby <[log in to unmask]>
Reply To:	[log in to unmask]
Date:	Wed, 2 Apr 1997 14:13:00 -0800
Content-Type:	text/plain
Parts/Attachments:	text/plain (24 lines)

MPE requires AM or SM capability to view file creators, but POSIX will let
anybody view this information.  I.e. a vanilla non-prived user can do this:

:listfile query.pub.sys,-3
          ^
Listing sensitive file data requires AM capability for files in your logon
account; otherwise, SM capability is required. (CIERR 928)

:sh "-c 'ls -l /SYS/PUB/QUERY'"
-rwxr-xr-x   1 MANAGER.SYS       SYS      1754624 Nov 29 10:11 /SYS/PUB/QUERY

I personally prefer the more relaxed POSIX functionality.  :-)  It would be
hard for me to count the number of times I've had to log off and log back on
with AM or SM in order to view creator information.

POSIX is supposed to work this way with respect to file creators.  Can anybody
else think of cases where POSIX policies contradict long-held MPE policies?
--
Mark Bixby                      E-mail: [log in to unmask]
Coast Community College Dist.   Web: http://www.cccd.edu/~markb/
District Information Services   1370 Adams Ave, Costa Mesa, CA, USA 92626-5429
Technical Support               +1 714 438-4647
"You can tune a file system, but you can't tune a fish." - tunefs(1M)

ATOM RSS1 RSS2

RAVEN.UTC.EDU