[tahoe-lafs-trac-stream] [tahoe-lafs] #1357: 'tahoe mount' command
tahoe-lafs
trac at tahoe-lafs.org
Thu Feb 3 20:00:27 PST 2011
#1357: 'tahoe mount' command
-------------------------------+--------------------------------------------
Reporter: davidsarah | Owner:
Type: defect | Status: new
Priority: major | Milestone: 1.9.0
Component: code-frontend-cli | Version: 1.8.2
Keywords: sftp tahoe-mount | Launchpad Bug:
-------------------------------+--------------------------------------------
ticket:1353#comment:1 suggested a {{{tahoe mount}}} command, which would
mount a Tahoe directory at a local mount point.
{{{
tahoe mount [OPTIONS] [-o MOUNT_OPTION[,...]] TAHOE_PATH MOUNT_POINT
}}}
(As for all other CLI commands, TAHOE_PATH could be given relative to the
default {{{tahoe:}}} alias, an explicit alias, or an explicit URI.)
I propose implementing this using SFTP+sshfs. The SFTP frontend would be
changed to allow logging in with an arbitrary cap URI as root directory
(#1356). Then the above mount command would be implemented by invoking
{{{sshfs}}} with the {{{-o password_stdin}}} option, and passing the URI
on stdin. This avoids exposing the URI via the command line. Because any
aliases in {{{TAHOE_PATH}}} are resolved by {{{tahoe mount}}}, it also
avoids ambient authority weaknesses, even when an attacker is not
prevented from connecting to the SFTP server.
The host and port of the SFTP server would be obtained by determining the
node directory as usual, and looking for a {{{tahoe.cfg}}} with an
{{{[sftpd]port}}} setting in that directory. (It might be useful to allow
specifying this in a separate {{{sftp.url}}} file analogous to
{{{node.url}}}, I'm not sure.)
--
Ticket URL: <http://tahoe-lafs.org/trac/tahoe-lafs/ticket/1357>
tahoe-lafs <http://tahoe-lafs.org>
secure decentralized storage
More information about the tahoe-lafs-trac-stream
mailing list