Re: [PATCH 00/22][RFC] Unionfs: Stackable Namespace UnificationFilesystem

[Shaya Potter]

On Mon, 2006-09-04 at 22:33 +0200, Pavel Machek wrote:
> On Mon 2006-09-04 09:28:26, Shaya Potter wrote:
> > On Sun, 2006-09-03 at 11:05 +0000, Pavel Machek wrote:
> > > Hi!
> > > 
> > > > - Modifying a Unionfs branch directly, while the union is mounted, is
> > > >   currently unsupported.  Any such change may cause Unionfs to oops and it
> > > >   can even result in data loss!
> > > 
> > > I'm not sure if that is acceptable. Even root user should be unable to
> > > oops the kernel using 'normal' actions.
> > 
> > As I said in the other case.  imagine ext2/3 on a a san file system
> > where 2 systems try to make use of it.  Will they not have issues?
> 
> They probably will have issues (altrough I'm not sure, perhaps ext2
> has been debugged enough), but they'll fix them (as opposed to
> document that oopses are okay).

I agree that unionfs shouldn't oops, it should handle that situation in
a more graceful manner, but once the "backing store" is modified
underneath it, all bets are off for either unionfs or ext2/3 behaving
"correctly" (where "correctly" doesn't just mean handle the error
gracefully).

But are you also 100% sure that messing with the underlying backing
store wouldn't be considered an admin bug as opposed to an administrator
bug? I mean there's nothing that we can do to prevent an administrator
from FUBAR'ing their system by 

dd if=/dev/random of=/dev/kmem.

where does one draw the line?  I agree that stackable file systems make
this a more pressing issue, as the "backing store" can be visible within
the file system namespace as a regular file system that people are
generally accustomed to interacting with.

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/