lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <AANLkTikhZn15GmOTe-fsM2IgxHFxtZIRBOb_4kPWSR4E@mail.gmail.com>
Date:	Mon, 28 Jun 2010 14:41:02 -0500
From:	Steve French <smfrench@...il.com>
To:	David Howells <dhowells@...hat.com>
Cc:	Andreas Dilger <adilger@...ger.ca>, viro@...iv.linux.org.uk,
	jlayton@...hat.com, mcao@...ibm.com,
	aneesh.kumar@...ux.vnet.ibm.com, linux-cifs@...r.kernel.org,
	linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
	samba-technical@...ts.samba.org, sjayaraman@...e.de,
	linux-ext4@...r.kernel.org
Subject: Re: [PATCH] Ext4: Make file creation time, i_version and i_generation 
	available by xattrs

On Mon, Jun 28, 2010 at 2:38 PM, David Howells <dhowells@...hat.com> wrote:
> Andreas Dilger <adilger@...ger.ca> wrote:
>
>> - I'd prefer calling these "file.generation" and "file.version".
>>   I don't think there is value in the "i_" prefix adds anything,
>>   and it seems more like an internal detail to me
>
> That's reasonable.
>
>> - why not expose the ".version" field for regular files?  It seems
>>   that all of them are applicable for all file types.
>
> Because Ext4 doesn't support it for anything other than directories.
>
>> - it would be good to not introduce a new xattr namespace, since
>>   tools like tar (even the RHEL-patched one) will not backup and
>>   restore these namespaces.  Using "trusted." would allow them to
>>   be backed up and restored using existing xattr-patched GNU tar
>>   by root, but wouldn't allow them to be modified by regular users.
>>   I think this is important for proper backup/restore of a filesystem,
>>   but can have correctness implications and shouldn't be accessible
>>   to regular users.
>
> Does backing them up make sense, though?  They are filesystem structural
> attributes.  Can you restore the inode number, for example?  If not, then you
> can't restore i_generation either.  Restoring i_version might make sense, but
> what if it winds i_version backwards whilst maintaining i_ino and i_generation,
> that means there'll be a time in the future where the three values are once
> again what might have been already published - and may already be in someone's
> persistent cache.

I think backing them up makes sense, even if they can't easily
be restored (ie just for reporting).

Are there security differences between the "trusted" namespace that
would make it harder for an app to read them (the man page did not list
the security differences between trusted and user xattrs).


-- 
Thanks,

Steve
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ