Group Access to dir server #633
Comments
I'm not sure I follow you. There will in general be a lot of casual users
in Writers that don't need to be able to read all Group files.
I do agree that we should make a change so the user the directory server is
running as, seen in the serverconfig.json file, should have implicit access
for reading all Access and Group files for all directories on that server.
This is analogous to the special implicit write access that a user has to
all Access files in their tree.
On Sat, Jan 4, 2020 at 2:53 PM David Presotto ***@***.***> wrote:
> If someone puts an Access file at their root (@/Access) and forgets to
> include read access for the user the dir server runs as, upspin groups
> don't work and fail in fairly impossible to debug ways. I posit that we
> should add an implicit access rule that the users in the Writers file
> always have read access to @/Group/... regardless of the permissions. While
> I dislike adding exceptions, I think this may be a necessary one since it
> is too easy to lock the server out of the Groups directory and generate a
> quite confusing situation,
There's Writers for storage and Writers for dirserver. The latter should
just include the owner and the server user. That's the one I'm talking
about.
On Sat, Jan 4, 2020 at 4:36 PM Eric Grosse ***@***.***> wrote:
> I'm not sure I follow you. There will in general be a lot of casual users
> in Writers that don't need to be able to read all Group files.
> I do agree that we should make a change so the user the directory server is
> running as, seen in the serverconfig.json file, should have implicit access
> for reading all Access and Group files for all directories on that server.
> This is analogous to the special implicit write access that a user has to
> all Access files in their tree.
or perhaps I'm mistaken. I've never understood this stuff.
On Sat, Jan 4, 2020 at 6:33 PM David Presotto ***@***.***> wrote:
> There's Writers for storage and Writers for dirserver. The latter should
> just include the owner and the server user. That's the one I'm talking
> about.
Thanks, fully agree with you then.
On Sat, Jan 4, 2020 at 6:33 PM David Presotto <notifications@github.com> wrote:
> There's Writers for storage and Writers for dirserver. The latter should
> just include the owner and the server user. That's the one I'm talking
> about.
I'm going to tackle this one. But I suppose we don't even have a test case for it, yet, do we? I'll start to write a test to trigger the issue first.
If someone puts an Access file at their root (@/Access) and forgets to include read access for the user the dir server runs as, upspin groups don't work and fail in fairly impossible to debug ways. I posit that we should add an implicit access rule that the users in the Writers file always have read access to @/Group/... regardless of the permissions. While I dislike adding exceptions, I think this may be a necessary one since it is too easy to lock the server out of the Groups directory and generate a quite confusing situation,
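A lint for the lockout described in this issue, added here as an example; it is not Upspin's code and was not posted by anyone in the thread. It assumes the text it is given is the Access file that governs @/Group/, that the server user appears by name, by `*@domain` wildcard or as `all`, and that the user names shown are made up.

```go
package main

import (
	"fmt"
	"strings"
)

// grantsRead reports whether a rights list such as "r, w" or "*" includes read.
func grantsRead(rights string) bool {
	for _, r := range strings.Split(rights, ",") {
		switch strings.ToLower(strings.TrimSpace(r)) {
		case "r", "read", "*":
			return true
		}
	}
	return false
}

// serverCanRead reports whether serverUser is granted read directly in the
// Access file text. Simplified model: group names are deliberately not
// resolved, because resolving them is the step that needs this read access.
func serverCanRead(accessText, serverUser string) bool {
	domain := serverUser[strings.Index(serverUser, "@")+1:]
	isSep := func(r rune) bool { return r == ',' || r == ' ' || r == '\t' }
	for _, line := range strings.Split(accessText, "\n") {
		if i := strings.Index(line, "#"); i >= 0 {
			line = line[:i] // drop trailing comment
		}
		rights, users, ok := strings.Cut(line, ":")
		if !ok || !grantsRead(rights) {
			continue
		}
		for _, u := range strings.FieldsFunc(users, isSep) {
			if u == serverUser || u == "all" || u == "*@"+domain {
				return true
			}
		}
	}
	return false
}

func main() {
	// Constructed Access files; "family" stands for a group name.
	lockedOut := "read, write: ann@example.com\nread: family\n"
	fixed := lockedOut + "read: upspin-dir@example.com\n"
	fmt.Println(serverCanRead(lockedOut, "upspin-dir@example.com")) // server locked out
	fmt.Println(serverCanRead(fixed, "upspin-dir@example.com"))     // server can read groups
}
```
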