Re: unowned processes and who controls them (was: Re: passwd entry for uid -1
Oystein Viggen <oysteivi@tihlde.org> writes:
> Quoth Niels Möller:
>
> > And then have some mechanism for making exceptions to this rule. An
> > example of such a mechanism (which I don't know if it makes sense): If
> > the directory is writable by no-user processes, and if it has the
> > setuid bit set, then the no-user process can create files, and the
> > created files get the same owner as the directory.
>
> Would this actually make any difference compared do what we have today?
> Anybody would still be able to write to the directory by doing an
> rmauth, potentially filling up the partition or altering data.
The default behaviour would be that the nouser can't create files. But
you could create a directory /tmp/foo, setuid it to user foo, and then
nouser processes could create files there, which get the user foo as
owner. You could set a limited quota for user foo, to prevent the
nouser from filling the disk (assuming we have a quota implementation).
But I don't see any big advantage, compared to simply running the
process in question with userid foo, so I agree that it seems a little
pointless.
/Niels
Reply to: