[tahoe-lafs-trac-stream] [tahoe-lafs] #1357: 'tahoe mount' command

tahoe-lafs trac at tahoe-lafs.org
Tue Aug 13 23:04:09 UTC 2013 

#1357: 'tahoe mount' command
-----------------------------------+------------------------------
     Reporter:  davidsarah         |      Owner:  davidsarah
         Type:  defect             |     Status:  assigned
     Priority:  major              |  Milestone:  1.12.0
    Component:  code-frontend-cli  |    Version:  1.8.2
   Resolution:                     |   Keywords:  sftp tahoe-mount
Launchpad Bug:                     |
-----------------------------------+------------------------------
Changes (by daira):

 * milestone:  1.11.0 => 1.12.0


Old description:

> ticket:1353#comment:1 suggested a {{{tahoe mount}}} command, which would
> mount a Tahoe directory at a local mount point.
>
> {{{
> tahoe mount [OPTIONS] [-o MOUNT_OPTION[,...]] TAHOE_PATH MOUNT_POINT
> }}}
>
> (As for all other CLI commands, TAHOE_PATH could be given relative to the
> default {{{tahoe:}}} alias, an explicit alias, or an explicit URI.)
>
> I propose implementing this using SFTP+sshfs. The SFTP frontend would be
> changed to allow logging in with an arbitrary cap URI as root directory
> (#1356). Then the above mount command would be implemented by invoking
> {{{sshfs}}} with the {{{-o password_stdin}}} option, and passing the URI
> on stdin. This avoids exposing the URI via the command line. Because any
> aliases in {{{TAHOE_PATH}}} are resolved by {{{tahoe mount}}}, it also
> avoids ambient authority weaknesses, even when an attacker is not
> prevented from connecting to the SFTP server.
>
> The host and port of the SFTP server would be obtained by determining the
> node directory as usual, and looking for a {{{tahoe.cfg}}} with an
> {{{[sftpd]port}}} setting in that directory. (It might be useful to allow
> specifying this in a separate {{{sftp.url}}} file analogous to
> {{{node.url}}}, I'm not sure.)

New description:

 ticket:1353#comment:1 suggested a {{{tahoe mount}}} command, which would
 mount a Tahoe directory at a local mount point.

 {{{
 tahoe mount [OPTIONS] [-o MOUNT_OPTION[,...]] TAHOE_PATH MOUNT_POINT
 }}}

 (As for all other CLI commands, TAHOE_PATH could be given relative to the
 default {{{tahoe:}}} alias, an explicit alias, or an explicit URI.)

 I propose implementing this using SFTP+sshfs. The SFTP frontend would be
 changed to allow logging in with an arbitrary cap URI as root directory
 (#1356). Then the above mount command would be implemented by invoking
 {{{sshfs}}} with the {{{-o password_stdin}}} option, and passing the URI
 on stdin. This avoids exposing the URI via the command line. Because any
 aliases in {{{TAHOE_PATH}}} are resolved by {{{tahoe mount}}}, it also
 avoids ambient authority weaknesses, even when an attacker is not
 prevented from connecting to the SFTP server.

 The host and port of the SFTP server would be obtained by determining the
 node directory as usual, and looking for a {{{tahoe.cfg}}} with an
 {{{[sftpd]port}}} setting in that directory. (It might be useful to allow
 specifying this in a separate {{{sftp.url}}} file analogous to
 {{{node.url}}}, I'm not sure.)

--

-- 
Ticket URL: <https://tahoe-lafs.org/trac/tahoe-lafs/ticket/1357#comment:4>
tahoe-lafs <https://tahoe-lafs.org>
secure decentralized storage

More information about the tahoe-lafs-trac-stream mailing list