On Sat, Mar 18, 2000 at 02:45:42PM -0400, Horst von Brand wrote:
> Jamie Lokier <lfs@tantalophile.demon.co.uk> said:
> > I wrote and posted an open-by-inode extension to ext2 about a year ago.
> > You simply open <fs>/.inode/<number>. But nobody was interested, so I
> > guess there isn't much demand after all.
>
> Demand is (or should be) _strongly_ negative. Open by inode allows to
> completely bypass placing files in non-x directories, thus breaking
> security big time.
If you want to stop people accessing *inodes*, the appropriate permissions
should be set for the inode. Permissions on directories AFAIK only control
access to the contents of the directory - which are just (name, inum) pairs.
The fact that there's no standardised API for open-by-inode isn't necessarily
a feature. And anyway, even if Jamie's feature got integrated, I'm sure it
would be off by default.
-- "It is easier for a camel to pass through the eye of a needle if it is lightly greased." -- Kehlog Albran, "The Profit"- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@vger.rutgers.edu Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Thu Mar 23 2000 - 21:00:26 EST