| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 06 Aug 2009 14:18:10 -0400 From: Eric Paris <eparis@...hat.com> To: Alan Cox <alan@...rguk.ukuu.org.uk> Cc: Tvrtko Ursulin <tvrtko.ursulin@...hos.com>, Peter Zijlstra <a.p.zijlstra@...llo.nl>, Douglas Leeder <douglas.leeder@...hos.com>, Pavel Machek <pavel@....cz>, "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>, "linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>, "malware-list@...sg.printk.net" <malware-list@...sg.printk.net>, "Valdis.Kletnieks@...edu" <Valdis.Kletnieks@...edu>, "greg@...ah.com" <greg@...ah.com>, "jcm@...hat.com" <jcm@...hat.com>, "tytso@....edu" <tytso@....edu>, "arjan@...radead.org" <arjan@...radead.org>, "david@...g.hm" <david@...g.hm>, "jengelh@...ozas.de" <jengelh@...ozas.de>, "aviro@...hat.com" <aviro@...hat.com>, "mrkafk@...il.com" <mrkafk@...il.com>, "alexl@...hat.com" <alexl@...hat.com>, "hch@...radead.org" <hch@...radead.org>, "mmorley@....in" <mmorley@....in> Subject: Re: fanotify - overall design before I start sending patches On Thu, 2009-08-06 at 13:58 +0100, Alan Cox wrote: > > > We are taking about the kind of fanotify client that says: No you cannot > > > open/read/write/mmap/etc.. this file until I say you can, right? > > > > Yes and no, it would be more accurate to say "this open takes long while we do > > something else in the background". > > There are two or three ways to handle this > > 1. Block the open until the daemon dies or responds > 2. Have a timeout (which would need to be connection configurable) > 3. Require the daemon responds with "in progress" now and then. I've taken option #3. I don't see options #2 as viable, although off list discussion from clamav people has said they believe they are interested in #2 rather than #3. > For a superuser managed service its no different to an NFS mount which > can go wonky so the only real question is what should fanotify allow non > privileged users to do. The answer would appear anyway to be: not use > this aspect of such a facility. That's the approach taken thus far. Although non-blocking/access notification will be opened up to normal users (currently even notification is root only) > For the superuser case the fact the daemon can be killed thus releasing > anything stuff is analogous to umount -f of a stuck NFS mount which seems > perfectly good for NFS. It does work for NFS (which I would call case #1.) I claim that it doesn't work for this case since a global listener stuck would stop you from running kill() since it owuldn't be able to get permission to open it.... -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists