apr-bugs mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From bugzi...@apache.org
Subject DO NOT REPLY [Bug 47630] NTFS directory junctions ("mounted folders") should be treated like n*x mount points (APR_DIR, not APR_LNK)
Date Wed, 05 Aug 2009 05:49:50 GMT
https://issues.apache.org/bugzilla/show_bug.cgi?id=47630



--- Comment #7 from Dan <dan_j_thompson@hotmail.com> 2009-08-04 22:49:48 PDT ---
(In reply to comment #5)
> But Junctions have no relationship to unix mount points.  Just like symlinks,
> junctions and mount points can be renamed.  Unlike mount points, the change
> is immediate.  It is not at the driver layer.  In the unix case, the mount
> is at a much lower level, and that rename causes the system to fail (in fact,
> it isn't possible).

I think the layer is irrelevant. I don't understand "unlike mount points, the
change is immediate"--you can unmount /a/b and remount it as /a/c, just as
"immediately", right? (so what if you have to type two commands vs. one)

> You are missing the distinction between kernel layer/driver driven mounts, such
> as unix and also windows drivers, and userspace controllable filesystem
> aliases.

What does "mount --bind olddir newdir" do? And NTFS is not userspace. If you
want to fool around with the reparse point information, you have to send IOCTLs
via DeviceIoControl--to the kernel-mode driver.

> A Junction is a symlink-style alias, and for security must be represented as
> such, because any user can manipulate them.  End of discussion.

Ironically, any user can create a junction, provided it has access to the
things it is linking, but for windows symlinks, you must have [elevated]
administrative privileges (unless you tweak security policy).

However, I don't understand why you think that is a security problem. On linux,
normal users can mount things if those rights are granted (like cdrom). With
junctions, it's as if there is a magic fstab file that grants the "user" option
to any places that the user has rights to. And a user has rights to manipulate
directories, so if the APR treated junctions as directories, why would that be
a security problem?

> Ok, this is clearly confusion on your point as to the flexibility of Junctions
> and where they sit on the driver stack.  Meaning no disrespect, I am closing
> this bug as invalid.

No disrespect taken. But what does the driver stack have to do with anything?
Even if there are some behavior and implementation details that are different
between windows and unices, what is important to building a portable runtime is
that windows junctions are the moral equivalent to unix mount points.
Differences in implementation don't matter, and even some differences in
behavior don't matter, because APR treats mount points as directories, and
directories can and do change, by the actions of users or superusers.

For a portable program, where you would use a mount point on linux, you would
use a junction on windows. The Apache portable runtime should reflect this.

-- 
Configure bugmail: https://issues.apache.org/bugzilla/userprefs.cgi?tab=email
------- You are receiving this mail because: -------
You are the assignee for the bug.

---------------------------------------------------------------------
To unsubscribe, e-mail: bugs-unsubscribe@apr.apache.org
For additional commands, e-mail: bugs-help@apr.apache.org


Mime
View raw message