public inbox for nncp-devel@lists.cypherpunks.ru
Atom feed
* Setup on unprivileged accounts
@ 2021-08-04 4:08 John Goerzen
2021-08-04 12:22 ` John Goerzen
2021-08-04 13:50 ` Sergey Matveev
0 siblings, 2 replies; 5+ messages in thread
From: John Goerzen @ 2021-08-04 4:08 UTC (permalink / raw)
To: nncp-devel
Hi,
I'm hoping to offer NNCP for people on some public-access Unix
systems (SDF and tilde.team at least). These systems generally:
- do not offer root access
- may not permit incoming ports or daemon processes
- don't give me control over sudo
- do give me cron access
My initial scheme, used elsewhere, of calling to "|sudo ...
nncp-daemon -inetd" won't work here. I'm thinking of
alternatives.
The manual talks about a multiuser spool directory. It seems to
envision it for several users on the system sharing a single NNCP
node (they would all send/receive from the same node). Not quite
what I'm after, but maybe close.
Some brainstorms I've had:
1) nncp-daemon could be setuid to me and people could just call to
"|nncp-daemon -inetd". However, I dislike this for security
reasons; since it has a -cfg parameter, this could lead to some
unpleasant effects in the hands of a malicious person and I don't
think I want to go down this path.
2) Perhaps I could lock down the setuid nncp-daemon and have a
wrapper that forces command-line options to a certain set. It
sure has some elegance to it, as it avoids cron entirely (at least
for exchange; may still need it for tossing), but still makes me
nervous.
3) The spool directory for each local peer could be chowned to
that account, with its sticky bit set. That would at least let
that person get and receive packets. But that opens the question
- how? Maybe the local peers would need to cron a nncp-xfer
command that has a different cfg set to pull the files out, and
another one to pull them in?
4) Perhaps a variant on #3, I could have a regular-permissioned
spool directory and then nncp-xfer into a separate tree with
directories owned as appropriate with sticky bits set. Peers
would have a similar nncp-xfer to pull stuff out of there.
Thanks!
- John
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Setup on unprivileged accounts
2021-08-04 4:08 Setup on unprivileged accounts John Goerzen
@ 2021-08-04 12:22 ` John Goerzen
2021-08-04 13:50 ` Sergey Matveev
1 sibling, 0 replies; 5+ messages in thread
From: John Goerzen @ 2021-08-04 12:22 UTC (permalink / raw)
To: nncp-devel
On Tue, Aug 03 2021, John Goerzen wrote:
> 2) Perhaps I could lock down the setuid nncp-daemon and have a
> wrapper that
> forces command-line options to a certain set. It sure has some
> elegance to it,
> as it avoids cron entirely (at least for exchange; may still
> need it for
> tossing), but still makes me nervous.
A variant on that one that occurred to me: ssh authorized_keys
with a lot of lockdowns. I could then force the command to be run
with only designated command-line parameters, at least. It still
makes me nervous (ssh!), but less do. People could ssh to
localhost and exchange data that way.
John
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Setup on unprivileged accounts
2021-08-04 4:08 Setup on unprivileged accounts John Goerzen
2021-08-04 12:22 ` John Goerzen
@ 2021-08-04 13:50 ` Sergey Matveev
2021-08-04 18:58 ` Jonathan Lane
2021-08-05 4:23 ` John Goerzen
1 sibling, 2 replies; 5+ messages in thread
From: Sergey Matveev @ 2021-08-04 13:50 UTC (permalink / raw)
To: nncp-devel
[-- Attachment #1: Type: text/plain, Size: 1460 bytes --]
Greetings!
*** John Goerzen [2021-08-03 23:08]:
>My initial scheme, used elsewhere, of calling to "|sudo ... nncp-daemon
>-inetd" won't work here. I'm thinking of alternatives.
Hopefully I am missing something, but I just do not see why do you need
root/sudo/setuid? Why high privileges, if we are not expecting to run on
ports below 1024? I assume that each user has its own directory. Why can
not he have his own spool directory in his home one? NNCPCFG in .profile
can point to the configuration file in his home. Croned tasks can be
avoided if person manually (ssh sdf "nncp-daemon -ucspi ; nncp-toss")
runs tossing when necessary.
>4) Perhaps a variant on #3, I could have a regular-permissioned spool
>directory and then nncp-xfer into a separate tree with directories owned as
>appropriate with sticky bits set. Peers would have a similar nncp-xfer to
>pull stuff out of there.
Only here I understand that you want to share packets between the user
accounts on the same system? nncp-xfer is what comes in my mind first
here: one shared/accessible directory. And spools in home directories.
And much more efficient transmission comparing to online (-daemon,
-call*) tools. Actually files from the spool technically can be even
hardlinked, without any copying at all, in theory (current code just
copies data).
--
Sergey Matveev (http://www.stargrave.org/)
OpenPGP: CF60 E89A 5923 1E76 E263 6422 AE1A 8109 E498 57EF
[-- Attachment #2: signature.asc --]
[-- Type: application/pgp-signature, Size: 833 bytes --]
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Setup on unprivileged accounts
2021-08-04 13:50 ` Sergey Matveev
@ 2021-08-04 18:58 ` Jonathan Lane
2021-08-05 4:23 ` John Goerzen
1 sibling, 0 replies; 5+ messages in thread
From: Jonathan Lane @ 2021-08-04 18:58 UTC (permalink / raw)
To: nncp-devel
Hardlinks are fragile. Regular copying is just fine for same-system
interactions (like the old Emacs move-mail but more secure) since the
expected usecase is mail only. If you want to share a file with someone
on the same system, you don't need NNCP, you can just copy it to a
shared folder or give them read permissions on the original file.
--
tidux@sdf•org
SDF Public Access UNIX System - http://sdf.org
^ permalink raw reply [flat|nested] 5+ messages in thread
* Re: Setup on unprivileged accounts
2021-08-04 13:50 ` Sergey Matveev
2021-08-04 18:58 ` Jonathan Lane
@ 2021-08-05 4:23 ` John Goerzen
1 sibling, 0 replies; 5+ messages in thread
From: John Goerzen @ 2021-08-05 4:23 UTC (permalink / raw)
To: Sergey Matveev; +Cc: nncp-devel
On Wed, Aug 04 2021, Sergey Matveev wrote:
>>4) Perhaps a variant on #3, I could have a regular-permissioned
>>spool
>>directory and then nncp-xfer into a separate tree with
>>directories owned as
>>appropriate with sticky bits set. Peers would have a similar
>>nncp-xfer to
>>pull stuff out of there.
>
> Only here I understand that you want to share packets between
> the user
> accounts on the same system? nncp-xfer is what comes in my mind
> first
> here: one shared/accessible directory. And spools in home
> directories.
> And much more efficient transmission comparing to online
> (-daemon,
> -call*) tools. Actually files from the spool technically can be
> even
> hardlinked, without any copying at all, in theory (current code
> just
> copies data).
Yes, that is what I meant, and I did completely forget to explain
what I was trying to do. Sigh, my mistake. Yes, I think
nncp-xfer will be quite suitable here.
I will try to finish setting it up on SDF and then I need to find
a place to stick all my NNCP docs and things too. Hopefully by
the weekend I'll have something to share.
- John
^ permalink raw reply [flat|nested] 5+ messages in thread
end of thread, other threads:[~2021-08-05 4:24 UTC | newest]
Thread overview: 5+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2021-08-04 4:08 Setup on unprivileged accounts John Goerzen
2021-08-04 12:22 ` John Goerzen
2021-08-04 13:50 ` Sergey Matveev
2021-08-04 18:58 ` Jonathan Lane
2021-08-05 4:23 ` John Goerzen