Re[2]: SECURITY.NNOV: file locking and security (group policy DoS on Windows 2000 domain)

From: 3APA3A (3APA3A@SECURITY.NNOV.RU)
Date: 12/08/01 

Date: Sat, 8 Dec 2001 12:21:45 +0300
From: 3APA3A <3APA3A@SECURITY.NNOV.RU>
To: Seth Arnold <sarnold@wirex.com>

Hello Seth,

I never intended to review all possible locking mechanism. In advisory I
ment BSD-compliant flock()/fcntl()/open() file locking implemented in
most unix-like systems.

X/Open lockf() mechanism ported to few operation systems requires file
to be open for writing, so, it's behind advisory (I'm talking about READ
access).

P.S. I don't use linux.

--Saturday, December 08, 2001, 4:15:48 AM, you wrote to bugtraq@securityfocus.com:

SA> On Fri, Dec 07, 2001 at 11:57:58AM +0300, 3APA3A wrote:
>> The way file locks interfere with file access depends on OS. There are 2
>> possible situations: moderate and non-moderate file locks. *BSD and
>> linux use non-moderate locking, while Windows NT locking is moderate.
>> What does it mean? Under Unix file locking is only checked then another
>> application tries to lock the file. If application doesn't use file
>> locking it will not be affected by file locking.

SA> 3APA3A -- close....

SA> A long-time feature of many Unix systems, including Linux (and probably
SA> all the BSDs too, but I don't know this for sure) is mandatory file
SA> locking, implemented in the kernel. It can be turned on using the setgid
SA> bit on regular files.

SA> Look for Documentation/mandatory.txt in the linux kernel source tree. It
SA> has all the gory details on mandary file locking, as it is implemented
SA> in the linux kernel. (Or, was implemented, in 1996.. :)

SA> Cheers! 

-- 
~/ZARAZA
Ñýð Èñààê Íüþòîí îòêðûë, ÷òî ÿáëîêè ïàäàþò íà çåìëþ. (Òâåí)

Relevant Pages

  • Re: [PATCH] mmu notifiers #v5
    ... design and it requires zero additional locking anywhere (nor linux VM, ... GRU a lot slower _especially_ on your numa systems. ... It populates TLB entries on demand ...
    (Linux-Kernel)
  • Re: [9fans] Do we have a catalog of 9P servers?
    ... 9P doesn't do locking; .u/.l change the protocol. ... function as proxies between Linux systems (or between Linux and a .L ... stopgap mapping whatever semantics you want between 9P2010 and 9P2000. ...
    (comp.os.plan9)
  • Re: SECURITY.NNOV: file locking and security (group policy DoS on Windows 2000 domain)
    ... > The way file locks interfere with file access depends on OS. ... > linux use non-moderate locking, while Windows NT locking is moderate. ... Look for Documentation/mandatory.txt in the linux kernel source tree. ...
    (Bugtraq)
  • Re: Anyone using Samba 3 w/vfp app?
    ... problems Samba used to have are now fixed. ... A Google search on "Foxpro McNett Linux" (no ... Paul McNett was instrumental in getting VFP to run ... It handles it's own locking. ...
    (microsoft.public.fox.programmer.exchange)
  • Re: NFS server broken for -current
    ... At the very least the Linux kernel ... > should reject the locking request instead of simply dropping it. ... none of that applies to you; it only affects a FreeBSD client ... > trying to lock a file on a Linux server. ...
    (freebsd-current)