Re: calling ext2fs function

From: James Sutherland (
Date: Tue May 09 2000 - 13:22:44 EST

On Tue, 9 May 2000, Gabriel Benhanokh wrote:

> > You realize that this is a security violation - a user could now allocate
> large
> > chunks of disk in the hopes of capturing something interesting. If tmp is
> part
> > of the root file system, then passwords may be exposed for example. This
> is NOT
> > a good idea.
> this service won't be avialable to users, only to process with special
> permissions
> and if you see this as a security violation, than the whole uNIX security
> model should be abendon since process with root permissions can read any
> file or memory area.

Hardly. The security system ensures that no process may access
uninitialised storage, be it RAM or disk. If the system administrator
wants, he/she can bypass every security system imaginable: put in a DOS
boot disk, and fire up a sector editor. Root is intended to have
unrestricted access to files - that's not a security hole.

Provided only root can access these uninitialised blocks, and can only do
so deliberately, it's OK from a security point of view.

I'm still not at all convinced this is a good idea...


To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
Please read the FAQ at

This archive was generated by hypermail 2b29 : Mon May 15 2000 - 21:00:14 EST