| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 31 Aug 2010 15:18:46 -0400 From: Valerie Aurora <vaurora@...hat.com> To: Miklos Szeredi <miklos@...redi.hu>, Trond Myklebust <Trond.Myklebust@...app.com>, "J. Bruce Fields" <bfields@...ldses.org> Cc: Neil Brown <neilb@...e.de>, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, viro@...iv.linux.org.uk, jblunck@...e.de, hch@...radead.org Subject: Re: [PATCH 0/5] hybrid union filesystem prototype On Mon, Aug 30, 2010 at 02:20:47PM +0200, Miklos Szeredi wrote: > On Mon, 30 Aug 2010, Neil Brown wrote: > > > Val has been following that approach and asking if it is possible to make an > > NFS filesystem really-truly read-only. i.e. no changes. > > I don't believe it is. > > Perhaps it doesn't matter. The nasty cases can be prevented by just > disallowing local modification. For the rest NFS will return ESTALE: > "though luck, why didn't you follow the rules?" I agree: Ask the server to keep it read-only, but also detect if it lied to prevent kernel bugs on the client. Is detecting ESTALE and failing the mount sufficient to detect all cases of a cached directory being altered? I keep trying to trap an NFS developer and beat the answer out of him but they usually get hung up on the impossibility of 100% enforcement of the read-only server option. (Agreed, impossible, just give the sysadmin a mount option so that it doesn't happen accidentally.) -VAL -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists