| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Fri, 03 Nov 2006 15:33:18 +0000 From: David Howells <dhowells@...hat.com> To: Trond Myklebust <trond.myklebust@....uio.no> Cc: David Howells <dhowells@...hat.com>, Stephen Smalley <sds@...ho.nsa.gov>, Karl MacMillan <kmacmill@...hat.com>, jmorris@...ei.org, chrisw@...s-sol.org, selinux@...ho.nsa.gov, linux-kernel@...r.kernel.org, aviro@...hat.com Subject: Re: Security issues with local filesystem caching Trond Myklebust <trond.myklebust@....uio.no> wrote: > No. I was thinking of keeping the cache on its own partition That's a requirement I am specifically avoiding with CacheFiles. I might, for instance, want to use it on my laptop, and I don't really have enough space to set aside a partition just for that. The whole point of CacheFiles is that you don't have to set one aside. If you're going to do that, then CacheFS should be a better option. > and using kernel mounts. cachefilesd could possibly mount the thing in its > own private namespace. That's still user visible, and SELinux in enforcing mode would still apply. David - To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists