My point is that whether a translator is started by the filesystem or by
settrans, the behavior should be basically the same.

> >     o Current working directory
> >             - settrans: user's current working directory
> >             - libfshelp: the directory in which we find the
> >               translator.
> In the case of settrans it is logical to set the cwd of the translator
> to the user's current cwd like for any other program the user runs. And
> as for the second case, there's not much choice but to start the
> translator in the directory of the node. And it also makes sense,
> think relative symlinks.

I do not see how this makes sense.  I see how it is logical, however, it
is misleading.  Consider the following:

        # settrans -cap ~/foo /hurd/isofs cdimage

The active translator will start, however, once it is stopped, the
filesystem will not be able to restart it.  In this scenario, guessing
from the `-ap', the user likely wants to make sure that the translator
is set up correctly and then wants to forget about it.

> >     o User ids
> >             - settrans: The euid and egid of the user that launched
> >               settrans.
> >             - libfshelp: The uid and gid of the node.
> The user might not always (unlike root) have the ability to change
> the euid and egid of a process to those of an arbitrary node.
> So the translator has to be started with the privileges of the
> user.

Not true; make settrans suid root.

> And if a passive translator is started up with the
> privileges of the user that wakes it up, it would be impossible
> to implement some things that translators do already. For example
> a filesystem translator has to run with the privileges of the
> underlying node, otherwise it would be unable to write any data
> to store-nodes which have root-only write permissions.

I am not suggesting this at all.  This is what I am trying to
communicate:

        # cd
        # sudo settrans -acp foo /hurd/ext2fs /dev/hd0s2

ext2fs is launched as root.root.  However, the passive translator will
run as root.neal (as my home directory is neal.neal).  Now, because the
Hurd has group leaders, I will be considered an owner of the translator.

The active translator should be started with the same ids that the
passive translator will be started with.

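The working-directory mismatch discussed in this message, modeled with ordinary POSIX processes as an added example (not code from the post or from the Hurd). `fake_translator`, `start_active`, `start_passive` and the temporary directory layout are constructed stand-ins, and the model assumes settrans was run from a directory other than the one holding the node.

```shell
#!/bin/sh
# Constructed model: plain POSIX processes stand in for settrans (active start)
# and for the filesystem's libfshelp start (passive start). Not Hurd code.

# Stand-in translator: succeeds only if it can read its argument from its cwd.
fake_translator() {
    if [ -r "$1" ]; then echo ok; else echo fail; fi
}

# Active start: the translator inherits the invoking user's cwd.
# $1 = user's cwd, $2 = node path (unused here), $3 = translator argument
start_active() {
    ( cd "$1" && fake_translator "$3" )
}

# Passive start: the translator starts in the directory that holds the node.
start_passive() {
    ( cd "$(dirname "$2")" && fake_translator "$3" )
}

# Compare both start paths for one recorded argument.
# Prints "active=<ok|fail> passive=<ok|fail>".
compare_starts() {
    echo "active=$(start_active "$1" "$2" "$3") passive=$(start_passive "$1" "$2" "$3")"
}

# Constructed layout: the image sits in the user's cwd, the node elsewhere.
run_demo() {
    tmp=$(mktemp -d) || return 1
    mkdir "$tmp/work" "$tmp/home"
    : > "$tmp/work/cdimage"
    node="$tmp/home/foo"
    echo "relative: $(compare_starts "$tmp/work" "$node" cdimage)"
    echo "absolute: $(compare_starts "$tmp/work" "$node" "$tmp/work/cdimage")"
    rm -rf "$tmp"
}

run_demo
```

A relative argument that works for the active start fails once the same command line is replayed from the node's directory; recording an absolute path makes both starts agree.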