Hello,
I am experimenting with adsmpipe for AIX with the
purpose of saving large objects (dozens of GB) directly
into ADSM tape storage.
I have found a security problem with adsmpipe:
If a file exists in ADSMPIPE storage that was created
by user A, and user B creates another file with the
same name, user A's file will silently be expired.
In other words, any user who has access to a copy of
the adsmpipe program (and has an account on my node)
can effectively overwrite any file in ADSMPIPE
storage provided they know the file name.
A user can only list (adsmpipe -t) their own files (I
hope), so I can choose a sufficiently secret file name
to make this event unlikely. Still, I'm a bit worried
by the observation that security is not enforced by
design.
Has anybody taken a closer look at the internals of
adsmpipe? Is it perceived to be OK to use adsmpipe for
production purposes?
Sincerely, Michael Fink
P.S.
I understand the "unsupported" status of adsmpipe,
but I see no alternative to using it.
--
Dr. Michael Fink +-----------------------------+------------------------
Dr. Michael Fink +-----------------------------+------------------------
EDV-Zentrum | Universitaet Innsbruck | Tel: +43(512)507-2311
Computing Services | Technikerstrasse 13 | FAX: +43(512)507-2944
--------------------+ A - 6020 Innsbruck, Austria | Michael.Fink AT uibk.ac DOT
at
=========================================================================
|