Date: Thu, 12 Feb 1998 17:50:28 -0500 From: tcobb@staff.circle.net To: eivind@yes.no, winter@jurai.net Cc: owensc@enc.edu, freebsd-hackers@FreeBSD.ORG, braam@cs.cmu.edu Subject: RE: Coda FS: FBSD port done!, but development favors Linux Message-ID: <8188AD2EBC3CD111B7A30060082F32A4083053@freya.circle.net>
next in thread | raw e-mail | index | archive | help
I would be able to use such a mechanism right away, particularly for the storage side of a multimedia database. If my vote counts at all, I'd also ask for that 15 minute patch :) 'Twould be wonderful to mount a partition as an inode-based FS and use it as the storage backend. - Troy On Thursday, February 12, 1998 5:48 PM, Matthew N. Dodd wrote: > > I for one would love to see this feature (if indeed you are talking about > open by inode#). It is highly useful for applications that wish to bypas > limitations of FS name lookup (bypass the overhead that is) and implement > their own faster indexing directly. News is one such application. (Store > article inode# in the overview database and open directly.) > > For a big fileserver you aren't likely to have local users that could take > advantage of the security problems you describe, and CODA will be hidning > that information so remote machines won't be able to abuse it either. > > Of course if we had Veritas or XFS we would have no need to open by inode# > as they store their metadata in structures that support high speed lookups > by nature. > > If you wouldn't mind spending the 15 minutes to implement this > functionality I for one would be most interested in seeing your patches. > > Would you be implementing a new open call like say iopen(). > > Are we even talking about the same thing here? :) > > On Thu, 12 Feb 1998, Eivind Eklund wrote: > > It would take about 15 minutes to create this functionality, and it > > has been discussed before. It has been decided against on the basis > > of security. This break chroot() completely, and it break the > > protection you presently have when > > > > -rwxr-x--- src/ > > -rwxr-xr-x src/somefile > > > > - somefile will be available to an attacker. > > > > If this is what it takes to get Coda, I for one won't use it, but I > > can probably create and commit a kernel option that give the access > > methods so that others can. > > > > It will not be part of FreeBSD in the default configuration, at least > > not if I have any say in the matter. (Sorry to be so brutal, but it > > really kill a lot of security assumptions.) > /* > Matthew N. Dodd | A memory retaining a love you had for life > winter@jurai.net | As cruel as it seems nothing ever seems to > http://www.jurai.net/~winter | go right - FLA M 3.1:53 > */ > > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe hackers" in the body of the message To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?8188AD2EBC3CD111B7A30060082F32A4083053>