lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date:   Thu, 13 Jul 2017 14:50:37 -0400
From:   Theodore Ts'o <tytso@....edu>
To:     "Richard W.M. Jones" <rjones@...hat.com>
Cc:     linux-ext4@...r.kernel.org, Tahsin Erdogan <tahsin@...gle.com>
Subject: Re: Fast symlinks stored slow

On Thu, Jul 13, 2017 at 06:13:35PM +0100, Richard W.M. Jones wrote:
> In this case we're using libext2fs to build an appliance filesystem,
> used to boot a small Linux system which is then run under qemu by
> libguestfs.  This appliance is completely rebuilt automatically under
> many circumstances, for example a host package upgrade (eg. upgrading
> the kernel), so it's not a long-lived filesystem that would cause a
> problem.  Rebuilding only takes a few seconds.
> 
> The process is described in more detail here:
> http://libguestfs.org/supermin.1.html#SUPERMIN-APPLIANCES
> 
> From our point of view the only issue are some prebuilt appliances
> which we have provided to other distributions that cannot / don't want
> to use supermin (http://download.libguestfs.org/binaries/appliance/)
> and at some point I'm going to have to rebuild these using the fixed
> supermin.

OK, so the risk is if there are other people who are using supermin to
create appliances.  (One potential use case we might need to
investigate are services such as SuSE Studio, since it can create
turnkey VM appliances for its users.)  If these applianes are
distributed end users (as opposed to being automatically rebuilt as in
your use case), that's when we would potentially be at risk.

Did I get that right?

					- Ted

Powered by blists - more mailing lists