[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <19585.1249406551@turing-police.cc.vt.edu>
Date: Tue, 04 Aug 2009 13:22:31 -0400
From: Valdis.Kletnieks@...edu
To: Eric Paris <eparis@...hat.com>
Cc: Tvrtko Ursulin <tvrtko.ursulin@...hos.com>,
"linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
"linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>,
"malware-list@...sg.printk.net" <malware-list@...sg.printk.net>,
"greg@...ah.com" <greg@...ah.com>,
"jcm@...hat.com" <jcm@...hat.com>,
Douglas Leeder <douglas.leeder@...hos.com>,
"tytso@....edu" <tytso@....edu>,
"arjan@...radead.org" <arjan@...radead.org>,
"david@...g.hm" <david@...g.hm>,
"jengelh@...ozas.de" <jengelh@...ozas.de>,
"aviro@...hat.com" <aviro@...hat.com>,
"mrkafk@...il.com" <mrkafk@...il.com>,
"alexl@...hat.com" <alexl@...hat.com>,
"jack@...e.cz" <jack@...e.cz>,
"a.p.zijlstra@...llo.nl" <a.p.zijlstra@...llo.nl>,
"hch@...radead.org" <hch@...radead.org>,
"alan@...rguk.ukuu.org.uk" <alan@...rguk.ukuu.org.uk>,
"mmorley@....in" <mmorley@....in>, "pavel@...e.cz" <pavel@...e.cz>
Subject: Re: fanotify - overall design before I start sending patches
On Tue, 04 Aug 2009 12:27:48 EDT, Eric Paris said:
> On Tue, 2009-08-04 at 17:09 +0100, Tvrtko Ursulin wrote:
> > Would it make more sense to deny on timeouts and then evict? I am thinking it
> > would be more secure with no significant drawbacks. Also for usages like HSM
> > allowing it without data being in place might present wrong content to the
> > user.
>
> I'd be willing to go that route as long as noone else complains.
Yes, in my world, "deny on timeout and evict" is the better design decision.
For an HSM, you'd rather have a quick-and-ugly death on a failed file open than
an app accidentally reading the HSM's stub data thinking it's the original data.
Content of type "application/pgp-signature" skipped
Powered by blists - more mailing lists