jqj@duff.uoregon.edu (JQ Johnson) (02/02/91)
I decided to set up anonymous (guest) access to a ru-cap2 Appleshare
server, and ran into a few problems:
1/ On SPARCstations, strcmp doesn't like NULL arguments. In file
applications/aufs/afpos.c, change logdir():
diff afpos.c.ORIGINAL afpos.c
2842c2842
< if (strcmp(user,usrnam) == 0)
---
> if (usrnam != NULL && strcmp(user,usrnam) == 0)
2/ More critically, guest logins do not do a chroot(), so they are much
less secure than anonymous FTP logins. The code as written is not
structured so as to make adding a chroot() easy [by the time we know
we are a guest login there are random data structures with absolute
paths, and the semantics aren't clear anyway -- what if the global
volumes file included a "volume" outside the scope of a
chroot(p->pw_dir)?]. Does anyone have suggestions for using the cap
aufs to provide guest access in ways that are reasonably secure?
--
JQ Johnson
Director of Network Services Internet: jqj@oregon.uoregon.edu
University of Oregon voice: (503) 346-4394
250E Computing Center BITNET: jqj@oregon
Eugene, OR 97403-1212 fax: (503) 346-4397