Date: Tue, 24 Aug 1999 15:06:52 +0200 From: Manuel Bouyer <bouyer@antioche.lip6.fr> To: Wolfgang Solfrank <ws@tools.de> Cc: freebsd-hackers@FreeBSD.ORG, tech-userlevel@netbsd.org, tech-kern@netbsd.org Subject: Re: Need some advice regarding portable user IDs Message-ID: <19990824150652.A4107@antioche.lip6.fr> In-Reply-To: <199908241259.OAA22272@kurt.tools.de>; from Wolfgang Solfrank on Tue, Aug 24, 1999 at 02:59:09PM %2B0200 References: <199908241259.OAA22272@kurt.tools.de>
next in thread | previous in thread | raw e-mail | index | archive | help
On Tue, Aug 24, 1999 at 02:59:09PM +0200, Wolfgang Solfrank wrote: > [...] > What I meant to say was that code of the various filesystems currently > assumes that the data on the media is somewhat consistent. Since the > intention is that Joe User can mount some arbitrary floppy (or zip disk, > or ...), the in kernel filesystem code needs to check any data it > reads off the media for plausibility. Sure, at last for some filesystems it's possible to crash the machine with a bad FS on a media. But you trust your users don't you ? :) Solving this is not trivial, I don't think changing the panic() to return(appropriate_error_code) is the rigth thing to do, in some case you want to panic if a filesystem gets corrupted. This could probably be switched on/off for root/non-root mounts. Also I think there are some cases where it's too late to recover gracefully. -- Manuel Bouyer, LIP6, Universite Paris VI. Manuel.Bouyer@lip6.fr -- To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-hackers" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?19990824150652.A4107>