Do ext3 with ACL's, journalling, and other extensions.
Do an ELF header for capabilities.
You would think that we had to _choose_ one or the other.
Dan
On Thu, 8 Apr 1999, Albert D. Cahalan wrote:
>
> Andreas Siegert writes:
> > Quoting Albert D. Cahalan (acahalan@cs.uml.edu):
>
> >> I'm still waiting for a filesystem-based proposal that works with NFS.
> >
> > Capabilities are there to increase security. Anyone who seriously
> > wants security will not use NFS.
>
> I keep hearing this without a reason. Assuming you filter incoming
> packets and don't allow random insecure machines on your network,
> just how is NFS insecure? You'd have to attack it with some kind of
> multi-machine hard link race condition I think. (but inode generation
> numbers might seal that too)
>
> > Breaking other tools like tar and friends I see as a serious issue,
> > but NFS, never. But when introducing capabilities and ACLs one will
> > need new archival programs that take care of them anyway. Anything
> > that does not support them directly will probably end up as a tool
> > to break them.
>
> With ACLs, stuff does break a bit.
>
> Capabilities are no problem though, as long as you keep them out of
> the filesystem. The executable header method won't break with tar.
>
> -
> To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
> the body of a message to majordomo@vger.rutgers.edu
> Please read the FAQ at http://www.tux.org/lkml/
>
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/