[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <200704171409.45201.agruen@suse.de>
Date: Tue, 17 Apr 2007 14:09:44 +0200
From: Andreas Gruenbacher <agruen@...e.de>
To: Christoph Hellwig <hch@...radead.org>
Cc: jjohansen@...e.de, linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org,
linux-fsdevel@...r.kernel.org, chrisw@...s-sol.org,
Tony Jones <tonyj@...e.de>
Subject: Re: [nameidata 1/2] Don't pass NULL nameidata to vfs_create
On Monday 16 April 2007 18:45, Christoph Hellwig wrote:
> You should provide intent information, yes - which your patch didn't :)
Well, the information implicitly provided is "no intent": In do_create() in
ipc/mqueue.c intents would be pretty pointless because the mqueue filesystem
is local. In fs/nfsd/vfs.c, intents would make slightly more sense assuming
that the underlying filesystem eported via nfsd is remote. That's an
optimization, and not even a very important one.
> (Which btw, I expect to cause quite a few problems for apparmor or other
> lsms, but I guess so far no one has tried them on NFSv4)
Pathname wise, NFSv4 should look like any other filesystem on the client side.
On the Server side, the concept of pathnames doesn't really fly for nfs: if a
directory contains more than one link to the same file, there is no way to
tell those aliases from each other from the file descriptor. In addition,
computing even the somewhat ambiguous pathnames that can be computed would
require subtree checking. But trying to confine nfsd is pretty pointless
anyway: the deamon is privileged and can do whatever it wants. It makes more
sense to export the right directories with the right permissions in the first
place.
Thanks,
Andreas
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists