lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list] 
Date:	Fri, 15 May 2015 11:30:34 -0700
From:	Linus Torvalds <torvalds@...ux-foundation.org>
To:	Al Viro <viro@...iv.linux.org.uk>
Cc:	Jeremy Allison <jra@...ba.org>,
	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	linux-fsdevel <linux-fsdevel@...r.kernel.org>,
	Christoph Hellwig <hch@...radead.org>,
	Neil Brown <neilb@...e.de>
Subject: Re: [RFC][PATCHSET v3] non-recursive pathname resolution & RCU symlinks

On Thu, May 14, 2015 at 7:51 PM, Al Viro <viro@...iv.linux.org.uk> wrote:
>
> What's the benefit compared to c-i mount?  Not hitting filesystem's
> ->d_hash() and ->d_compare()?

So the reason I'd be interested in per-access flags rather than mount flags are:

 - only special apps should use this anyway. IOW, samba and perhaps
things like wine, and that's absolutely it. The argument that it might
confuse "tar" is bogus, exactly because not only would tar never do
this in the first place, tar absolutely *mustn't* do crap like this
anyway. case-insensitive filesystems are insane, the *only* possible
valid reason for them is for "emulate insane systems".

 - mount flags are bad. They'd be useless for something like wine
(where you want to make part of the users home directory be the
filesystem), and they are bad for things like samba too. Having to
make a whole filesystem case-insensitive is crazy, because
case-insensitivity is crazy. You want to make one application able to
use case-insensitivity, not make all accesses so.

 - we do have cases where more per-access flags might be a really good
idea. The whole "don't follow any/absolute symlinks" and "don't follow
dotdot" are real concerns in various other places that now waste time
trying to do it manually (and generally do it badly at that - see all
the historical apache issues with dotdot to escape the publicly
visible areas). I think it's a mistake in general to think that these
kinds of things should be per-mount.

That said, if the main/only reason samba would use this is for the
case it would be bad at handling anyway (negative lookups in big
directories), it's definitely not worth it.

                        Linus
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ