Bugtraq mailing list archives
Re: user flags in public temp space (was Re: chflags() [heads up
From: pace () NCAL VERIO COM (James E. Pace)
Date: Tue, 10 Aug 1999 09:31:09 -0700
On Mon, 9 Aug 1999, Adam Morris wrote:
> The CMW machines (Compartmentalised Mode Workstation) have the concept of "multi level directories". These include such things as /tmp. When you are operating at level "Top Secret" you have what appears to be a different /tmp from when you are operating at level "unclassified".
The multilevel directory in CMW doesn't solve the per user problem; it just enforces mandatory access control. If two processes are at "UNCLASSIFIED", they are using the same /tmp, so this class of problems still exists. It is still up to the app designer to be careful about problems with /tmp. Perhaps if each user had a unique sensitivity label (like use UID as SL), then you'd get a per user /tmp, but I would imagine that would create a lot of other usability problems (setting up dominance relations would just suck!).
> As far as I can tell, it does actually keep the files in different directories. I haven't really poked around at the raw disk level on one of these beasts though (which requires special privileges) so I can't guarantee it. You can definitely have two different files in different level /tmp directories with the same name.
Yes, multilevel directories are separate directories. The system hides a layer for you, so it's something like this:

/tmp/UNCLASSIFIED
/tmp/TOP_SECRET
/tmp/SECRET
..etc, with new levels being created as needed.

My knowledge is based on HP-UX's CMW product.

-James Pace
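The same-level sharing described in this message, as an added example (not part of the original post and not HP-UX CMW code): it emulates the hidden per-level layer under a scratch directory and shows that an exclusive create still collides between two processes at UNCLASSIFIED, while TOP_SECRET gets its own file. The names `mld_path`, `mld_create` and the scratch root are hypothetical.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

/* Hypothetical emulation: map the name a process sees in /tmp to the hidden per-level path. */
static int mld_path(char *out, size_t n, const char *root, const char *label, const char *name)
{
    int len = snprintf(out, n, "%s/%s/%s", root, label, name);
    return (len < 0 || (size_t)len >= n) ? -1 : 0;
}

/* Create `name` at `label`, making the level directory on demand. O_EXCL|O_NOFOLLOW
 * refuses a file or symlink that is already there. Returns an fd, or -1 with errno set. */
static int mld_create(const char *root, const char *label, const char *name)
{
    char dir[512], path[512];
    if (mld_path(path, sizeof path, root, label, name) != 0) { errno = ENAMETOOLONG; return -1; }
    snprintf(dir, sizeof dir, "%s/%s", root, label);
    if (mkdir(dir, 0700) != 0 && errno != EEXIST) return -1;
    return open(path, O_WRONLY | O_CREAT | O_EXCL | O_NOFOLLOW, 0600);
}

/* Returns 0 when the same-level create collides and the other level does not. */
static int demo(void)
{
    char root[] = "/tmp/mld-demo-XXXXXX", p[512];         /* constructed scratch root */
    if (mkdtemp(root) == NULL) return -1;
    int a = mld_create(root, "UNCLASSIFIED", "app.tmp");  /* first process */
    int b = mld_create(root, "UNCLASSIFIED", "app.tmp");  /* same level, same /tmp */
    int clash = (b == -1 && errno == EEXIST);             /* the name was already taken */
    int c = mld_create(root, "TOP_SECRET", "app.tmp");    /* separate directory, no clash */
    int ok = (a >= 0 && clash && c >= 0);
    const char *labels[] = { "UNCLASSIFIED", "TOP_SECRET" };
    for (int i = 0; i < 2; i++) {                         /* remove the scratch tree */
        mld_path(p, sizeof p, root, labels[i], "app.tmp");
        unlink(p);
        snprintf(p, sizeof p, "%s/%s", root, labels[i]);
        rmdir(p);
    }
    if (a >= 0) close(a);
    if (c >= 0) close(c);
    rmdir(root);
    return ok ? 0 : 1;
}

int main(void) { return demo(); }
```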