lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <4776AF82.6010808@davidnewall.com>
Date:	Sun, 30 Dec 2007 07:05:14 +1030
From:	David Newall <david@...idnewall.com>
To:	dean gaudet <dean@...tic.org>
CC:	Mark Lord <lkml@....ca>, Al Viro <viro@....linux.org.uk>,
	Alexander Viro <viro@...iv.linux.org.uk>,
	Andrew Morton <akpm@...ux-foundation.org>,
	Linux Kernel <linux-kernel@...r.kernel.org>
Subject: Re: RFC: permit link(2)  to work across --bind mounts ?

dean gaudet wrote:
>> Pffuff.  That's what volume managers are for!  You do have (at least) two
>> independent spindles in your RAID1 array, which give you less need to worry
>> about head-stack contention.
>>     
>
> this system is write intensive and writes go to all spindles, so you're
> assertion is wrong.

I don't know what you think I was asserting, but you were wrong.  Of 
course I/O is distributed across both spindles.  You would expect no 
less.  THAT is what I was telling you.

> the main worry i have is some user maliciously hardlinks everything
> under /var/log somewhere else and slowly fills up the file system with
> old rotated logs.  the users otherwise have quotas so they can't fill
> things up on their own.  i could probably set up XFS quota trees (aka
> "projects") but haven't gone to this effort yet.
>   

See, this is where you show that you don't understand the system.  I'll 
explain it, just once.  /var/home contains  home directories.  /var/log 
and /var/home are on the same filesystem.  So /var/log/* can be linked 
to /var/home/malicious, and that's just one of your basic misunderstandings.

>> LVM is your friend.
>>     
>
> i disagree.  but this is getting into personal taste -- i find volume
> managers to be an unnecessary layer of complexity.

Right... But wanting to change the semantics of link(2), so that you can 
do something that you already can do, anyway, this is simple, is it?

> you probably missed the point where i said that i was surprised i couldn't
> hardlink across the bind mount and actually wanted it to work.
>   

No.  Look, you obviously haven't read what I've told you.  I mean, it's 
very obvious you haven't.  I'm wasting my time on you and I'm now out of 
generosity.  Good luck to you.  I think you need it.

And no, you can't change link(2).  You don't need to.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ