Re: [Aegis-developers] Security Paranoia
Brought to you by:
pmiller
From: Peter M. <mi...@ca...> - 2002-12-28 06:43:48
|
On Thu, 2002-12-26 at 13:29, John Darrington wrote: > So I have several projects on one machine, all managed by aegis. The > enterprise rules of this site are such that each project must be > accessible only by members of that project. This is not a problem > --- I can have a different owner for each project, and I can chmod -R > o-rwx the project directory. >=20 >=20 > But we want to go further than that. We don't want non-project > members to be even aware of the existance of projects to which they > are not members. This can't be acheived with the current aegis > model, because ael proj will always return the complete list of > projects. >=20 > So how does the following proposal sound: >=20 > 1. $comdir/state is changed to mode 600 > 2. ael proj is changed such that it omits mention of projects whose > info directory it can't access > 3. aenpr and aenbr get new options to overide the umask of the new > directories. > 4. There also might be changes needed so that aereport doesn't leak > information.=20 >=20 >=20 > Can anyone see any problems here? Sounds do-able. How do we handle upgrades from the older lesser security to the newer greater security? =20 --=20 Regards Peter Miller <mi...@ca...> /\/\* http://www.canb.auug.org.au/~millerp/ |