That sounds dangerously like "security through obscurity", IMO...
>
> You must not expose the ability to read blocks from disk which have not
> been either initialised to zero, or previously written. In effect, the
> file must be a copy-on-write area of zeros. Anything else is a security
> hole - you can read the contents of deleted files.
i don't think it is possible, no users space apps can access the blocks
directly, the only way to read is calling system call read which checks for
the file size before reading, so if i lock file for writing users can read
from it with no problem.
> In which case, the security issue is important - you can't just restrict
> this to kernel access only, for example.
the allocation service is not going to be offered to user application, i'm
going to write it as a module, and only appliactions running with root
permissions will be able to call it.
> More to the point: why do you want to bypass the security system?
because in my case i would be paying too much, for the an overkill.
normal appliactions don't care about this zero stuff, since they gonna be
overwriting it with their own data which needed to be writen to the disk.
so it is only extra memory copy, but in my case the data should never be
writen to the disk, so i'm paying with disk access not in memory.
> XFS has been released. It's not in the mainstream kernels yet, but it's
> out there.
from what i saw it is in a pre-beta stage, which is too early for me to
start playing with
/gaby
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Mon May 15 2000 - 21:00:12 EST