lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Message-Id: <1157406184.4398.24.camel@localhost.localdomain>
Date:	Mon, 04 Sep 2006 17:43:04 -0400
From:	Shaya Potter <spotter@...columbia.edu>
To:	Pavel Machek <pavel@....cz>
Cc:	Josef Sipek <jsipek@...sunysb.edu>, linux-kernel@...r.kernel.org,
	linux-fsdevel@...r.kernel.org, hch@...radead.org, akpm@...l.org,
	viro@....linux.org.uk
Subject: Re: [PATCH 00/22][RFC] Unionfs: Stackable Namespace Unification
	Filesystem

On Mon, 2006-09-04 at 22:33 +0200, Pavel Machek wrote:
> On Mon 2006-09-04 09:28:26, Shaya Potter wrote:
> > On Sun, 2006-09-03 at 11:05 +0000, Pavel Machek wrote:
> > > Hi!
> > > 
> > > > - Modifying a Unionfs branch directly, while the union is mounted, is
> > > >   currently unsupported.  Any such change may cause Unionfs to oops and it
> > > >   can even result in data loss!
> > > 
> > > I'm not sure if that is acceptable. Even root user should be unable to
> > > oops the kernel using 'normal' actions.
> > 
> > As I said in the other case.  imagine ext2/3 on a a san file system
> > where 2 systems try to make use of it.  Will they not have issues?
> 
> They probably will have issues (altrough I'm not sure, perhaps ext2
> has been debugged enough), but they'll fix them (as opposed to
> document that oopses are okay).

I agree that unionfs shouldn't oops, it should handle that situation in
a more graceful manner, but once the "backing store" is modified
underneath it, all bets are off for either unionfs or ext2/3 behaving
"correctly" (where "correctly" doesn't just mean handle the error
gracefully).

But are you also 100% sure that messing with the underlying backing
store wouldn't be considered an admin bug as opposed to an administrator
bug? I mean there's nothing that we can do to prevent an administrator
from FUBAR'ing their system by 

dd if=/dev/random of=/dev/kmem.

where does one draw the line?  I agree that stackable file systems make
this a more pressing issue, as the "backing store" can be visible within
the file system namespace as a regular file system that people are
generally accustomed to interacting with.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ