-
Notifications
You must be signed in to change notification settings - Fork 0
/
Copy pathREADME
96 lines (78 loc) · 4.06 KB
/
README
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
23 Aug 2005
Tim Newsham
Public Domain.
This code is in the public domain.
Please send any bug reports to tim dot newsham at gmail dot com.
- cl.py is a 9p client that can be run from the command line.
cl.py [-d] [-a authsrv] [-n] [-p srvport] user srv [cmd ...]
The client utility accesses files on a 9p server. The username
and server address must be specified. The 'p' option can
be used to connect to a nonstandard port on the server. An
argument to the 'a' option specifies the authentication server
to access. If none is given it is assumed that the authentication
server is running on the same server as the fileserver. The
authentication server should serve the domain that the fileserver
is in. The 'n' option skips the password prompt. If it is
used and a password is required an error is generated.
If commands are specified on the command line (one per
argument) they are executed directly, otherwise the user is
prompted for commands. The builtin command "help" will list
out all available commands.
Using the 'd' option causes the python debugger to be invoked
on any error conditions.
Example:
$ cl.py newsham sources.cs.bell-labs.com 'cd patch' ls
Password:
applied isatty runq-keep-lock-alive saved scuzz-big-exabyte sorry
- srv.py is a 9p server that can be run from the command line.
srv.py [-d] [-m module] [-p port] [-r root] srvuser domain
The server accepts connections from 9p clients. It provides
access to the files on the machine it was run on with the
privilege of the user who invoked it. Authentication is
done against an auth server (not included here) for the
domain specified on the command line. A valid user and
password for that domain must be given to perform authentication.
The 'r' option specifies the root of the filesystem tree which
is the local filesystem root if unspecified. Multiple 'm' options
may be specified to load extra modules into the server.
The 'p' option allows a nonstandard port to be specified.
Using the 'd' option causes the python debugger to be invoked
on any error conditions.
Example:
$ srv.py newsham p9home.dom
$ srv.py -r /tmp -m sampledev newsham p9home.dom
- P9.py has primitives for dealing with the 9p protocol.
- P9sk1.py has primitives for dealing with the p9sk1 protocol.
- debug.py provides access to the python debugger.
This package requires the Python Cryptography Toolkit
from http://www.amk.ca/python/code/crypto to work.
Notes:
- The server operates with the full privilege of whoever ran the
process. Appropriate steps should be taken to limit access if
security is a concern.
- it appears the kernel doesn't necessarily clunk an open handle
for a binary after a process stops. This may cause slightly
unexpected results on systems that do not allow open files to be
removed. As an example, when the server is running under cygwin
and you execute a file, then remove all files in a directory and
then try to remove the directory a 'Directory not empty' error
will be given since there is still an open file in that directory.
- cl's client features can be imported and used as a library.
- the put command can take input from stdin by specifying the local
file '-'.
- the 'r' option should not be relied on for security.
- The server operates synchronously. This means that some file
operations will affect the performance of other operations
going to the same server (for example, playing audio).
Flaws:
- The password and auth server are given before the server requests
a particular domain. In fact the domain is never even shown to the
user. Ideally the auth server would be looked up based on the domain
the server asks for.
- It would be nice to provide an object that is comptabiel with
the python file() object.
- The server shows numeric user and group information.
- Server output is to standard output.
- In windows the server accepts only a single connection.
XXX due to a bug the cygwin version has this limitation as well.
- The challenges used in authentication are not cryptographically strong.