lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <1182361492.6480.12.camel@heimdal.trondhjem.org>
Date:	Wed, 20 Jun 2007 13:44:52 -0400
From:	Trond Myklebust <trond.myklebust@....uio.no>
To:	Christoph Hellwig <hch@...radead.org>
Cc:	Bharata B Rao <bharata@...ux.vnet.ibm.com>,
	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
	Jan Blunck <j.blunck@...harburg.de>
Subject: Re: [RFC PATCH 4/4] Directory listing support for union mounted
	directories.

On Wed, 2007-06-20 at 18:02 +0100, Christoph Hellwig wrote:
> On Wed, Jun 20, 2007 at 10:22:28AM -0400, Trond Myklebust wrote:
> > No it shouldn't. The struct file contains other stateful information
> > from the open() call (such as authentication info) that needs to be
> > passed into readdir.
> 
> Which is exactly that problem this tries to solve.  Once you have
> union mounts you'll have a single open file descriptor for multiple
> actual directories.   Beause of that you can't simply attach to the
> state to the struct file but have to keep it in a different way.

Which creates another, much WORSE problem.

Authentication information is part of a series of things that POSIX
requires you to keep on per-descriptor basis (because POSIX assumes that
you can suid/sgid a process without any security implications for file
descriptors that are already open). It is quite natural to pass it
around by means of the struct file.

If you don't want to pass the struct file around, then you at least need
to come up with an alternative mechanism that allows filesystems to
provide correct semantics in the standard non-union case.

Trond

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ