lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Thu, 02 Oct 2008 01:10:59 -0700
From:	Andreas Dilger <adilger@....com>
To:	Theodore Tso <tytso@....edu>
Cc:	Christoph Hellwig <hch@...radead.org>,
	Akira Fujita <a-fujita@...jp.nec.com>,
	linux-ext4@...r.kernel.org, linux-fsdevel@...r.kernel.org
Subject: Re: [RFC][PATCH 0/12]ext4: online defrag (ver 0.95)

On Oct 01, 2008  17:20 -0400, Theodore Ts'o wrote:
> On Wed, Oct 01, 2008 at 02:45:45PM -0400, Christoph Hellwig wrote:
> > On Tue, Sep 30, 2008 at 05:40:54PM -0700, Andreas Dilger wrote:
> > > Instead of implementing an EXT4_IOC_FIEMAP_INO ioctl, what we had implemented
> > > is an EXT4_IOC_WRAPPER, which takes as arguments the inode number and the
> > > ioctl command + original ioctl data.  This allows inode ioctls to be called
> > > against the filesystem root for arbitrary inodes, and doesn't require new
> > > implementation for each ioctl:
> > 
> > Or just provide more generic open by handle functionality.  Shouldn't be
> > too much of a problem to do it in the VFS by reusing the exportfs code.
> > 
> 
> A while back I had implemented an "open by inode" patch for a friend
> who needed it for their startup.  I never posted it because (a) even
> though it was only optionally enabled via a mount option, if you allow
> non-root users to access it, it blows a whole through traditional unix
> permissions semantics (i.e., a mode 700 directory no longer protects
> files underneath that directory), and (b) I was sure that Al Viro
> would consider the hacks that I needed to make it work to be far too
> ugly to live.   :-)

We've been using that patch for a long time now in Lustre, but will soon
be replacing it with code that calls fh_to_dentry() and just craft fake
fh to have the filesystem open the inode.  That avoids all kinds of hacks
in place internally.

Definitely the __iopen__ directory should only be allowed for root...

Cheers, Andreas
--
Andreas Dilger
Sr. Staff Engineer, Lustre Group
Sun Microsystems of Canada, Inc.

--
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ