Open Source and information security mailing list archives
 
Message-ID: <20170713185037.yz3l6hq3mcc3wppm@thunk.org>
Date:   Thu, 13 Jul 2017 14:50:37 -0400
From:   Theodore Ts'o <tytso@....edu>
To:     "Richard W.M. Jones" <rjones@...hat.com>
Cc:     linux-ext4@...r.kernel.org, Tahsin Erdogan <tahsin@...gle.com>
Subject: Re: Fast symlinks stored slow

On Thu, Jul 13, 2017 at 06:13:35PM +0100, Richard W.M. Jones wrote:
> In this case we're using libext2fs to build an appliance filesystem,
> used to boot a small Linux system which is then run under qemu by
> libguestfs.  This appliance is completely rebuilt automatically under
> many circumstances, for example a host package upgrade (eg. upgrading
> the kernel), so it's not a long-lived filesystem that would cause a
> problem.  Rebuilding only takes a few seconds.
> 
> The process is described in more detail here:
> http://libguestfs.org/supermin.1.html#SUPERMIN-APPLIANCES
> 
> From our point of view the only issue is some prebuilt appliances
> which we have provided to other distributions that cannot / don't want
> to use supermin (http://download.libguestfs.org/binaries/appliance/)
> and at some point I'm going to have to rebuild these using the fixed
> supermin.

OK, so the risk is if there are other people who are using supermin to
create appliances.  (One potential use case we might need to
investigate are services such as SuSE Studio, since it can create
turnkey VM appliances for its users.)  If these appliances are
distributed to end users (as opposed to being automatically rebuilt as in
your use case), that's when we would potentially be at risk.

Did I get that right?

					- Ted
