Message-ID: <mku6uc$kb2$1@ger.gmane.org>
Date: Sat, 6 Jun 2015 09:19:40 +0200
From: "U.Mutlu" <for-gmane@...luit.com>
To: linux-ext4@...r.kernel.org
Subject: Re: generic question: user-only directory w/o root access

Theodore Ts'o wrote on 06/06/2015 02:33 AM:
> On Fri, Jun 05, 2015 at 09:24:51PM +0200, U.Mutlu wrote:
>> I think the filesystem could indeed implement such a "user-only" directory,
>> because the FUSE-API wrapper showed me that it is indeed possible
>> to implement that idea. I would suggest to add this feature to ext4,
>> and that new feature could be a real game-changer (yes, I know another
>> bold statement) in IT security.
>
> Sorry, I'm not willing to advertise that a file system has a feature
> which is a pure snake oil --- someone claiming that this can be done
> is making a fraudulently untrue statement.
>
> Regards,
>
> - Ted

I posted hello.c (a FUSE demo) in this thread.
It is IMO even more secure than the private namespace mount method.
The simple reason is: because granting access to the volume
(or to a single dir/file) is done inside that user-code itself,
i.e. the user/owner controls whom he actually gives access.

I'm sorry to say this, but this simply proves your last statement above wrong.

Thx for this interesting discussion and exchange of ideas on security

Uenal