Followup to: <Pine.LNX.email@example.com>
By author: Chris Evans <firstname.lastname@example.org>
In newsgroup: linux.dev.kernel
> > Yes, we must check that it's not immutable/append-only (the former already
> > checked, the latter... OK, needs to be added). But parent?
> > Look: if we can add/remove on parent the permissions on mountpoint do not
> > matter at all, because of your scenario. So maybe we need to check the
> > parent (+ imm/a-o on the mountpoint, as usual) and to fsck with
> > permissions on the mountpoint...
> Sounds cool - as long as we we cater for S_ISVTX (I think we do), and
> perform the checks even if a privileged user is doing the operation -
> don't want immutable/append-only circumventions :)
It's not. Think of what happens when an unprivileged user creates
10000 aliases of a large directory. Bye-bye, backups...
This really *does* need to be a privileged operation.
-- <email@example.com> at work, <firstname.lastname@example.org> in private! "Unix gives you enough rope to shoot yourself in the foot."
- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to email@example.com Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Wed Jun 07 2000 - 21:00:13 EST