lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20190217175450.psaesabv3vlzvjv4@angband.pl> Date: Sun, 17 Feb 2019 18:54:50 +0100 From: Adam Borowski <kilobyte@...band.pl> To: Boaz Harrosh <openosd@...il.com> Cc: Dave Chinner <david@...morbit.com>, Omar Sandoval <osandov@...ndov.com>, linux-fsdevel@...r.kernel.org, Al Viro <viro@...iv.linux.org.uk>, kernel-team@...com, linux-api@...r.kernel.org, linux-btrfs@...r.kernel.org, linux-ext4@...r.kernel.org, linux-f2fs-devel@...ts.sourceforge.net, linux-xfs@...r.kernel.org Subject: Re: [RFC PATCH 0/6] Allow setting file birth time with utimensat() On Sun, Feb 17, 2019 at 06:35:25PM +0200, Boaz Harrosh wrote: > On 15/02/19 00:06, Dave Chinner wrote: > > So you're adding an interface that allows users to change the create > > time of files without needing any privileges? > > Inode create time is forensic metadata in XFS - information we use > > for sequence of event and inode lifetime analysis during examination > > of broken filesystem images and systems that have been broken into. > I think the difference in opinion here is that there are two totally > different BTIme out in the world. For two somewhat opposite motivations > and it seems they both try to be crammed into the same on disk space. > > One - Author creation time > Two - Local creation time > So it looks like both sides are correct trying to preserve their own guy? I'd say that [2] is too easily gameable to be worth the effort. You can just change it on the disk. That right now it'd take some skill to find the right place to edit doesn't matter -- a tool to update the btime against your wishes would need to be written just once. Unlike btrfs, XFS doesn't even have a chain of checksums all the way to the root. On the other hand, [1] has a lot of uses. It can also be preserved in backups and version control (svnt and git-restore-mtime could be easily extended). I'd thus go with [2] -- any uses for [1] are better delegated to filesystem specific tools. Meow! -- ⢀⣴⠾⠻⢶⣦⠀ ⣾⠁⢠⠒⠀⣿⡁ ⢿⡄⠘⠷⠚⠋⠀ Have you accepted Khorne as your lord and saviour? ⠈⠳⣄⠀⠀⠀⠀
Powered by blists - more mailing lists