Re: Can't hardlink in different dirs. (BUG#826)

Alexander Viro (viro@math.psu.edu)
Thu, 2 Dec 1999 13:07:02 -0500 (EST)


On Thu, 2 Dec 1999, Andrea Arcangeli wrote:

> > - process can modify the attributes of the file it wants to link
>
> This must be enforced to achieve security (also the very silly quota issue
> will be addressed), I agree with you. I agree to change this. I also don't
> think the breakage would be noticeable in the real world.

Don't bring the policy question into the kernel. If you want to kill the
contents of an inode - unlink() is _not_ a way to go. truncate() is.
Addresses both quota and suid problems and has a benefit of being
portable. Leave it to the user. It's not like cat /dev/null >foo; rm foo
was a hard thing to do. It worked fine since v7, WTF change it?

Besides, ability to open the file is darn close to ability to link it. At
least on Linux, where we have /proc/<pid>/fd. And _that_ works across the
fs boundaries, so any mechanism that relies on inability to link the file
is broken.
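
Added example, not part of the original message: a POSIX shell comparison of plain unlink against truncate-then-unlink when someone else holds a second hard link or an open descriptor on the same inode. The function name, file names and sample contents are constructed for the demo.

```shell
#!/bin/sh
# Constructed demo; every path lives under a temp dir created here.

# survivor_bytes METHOD HOLDER
#   METHOD: unlink   -> owner only runs rm
#           truncate -> owner empties the inode first (: > file), then rm
#   HOLDER: link -> another party holds a second hard link
#           fd   -> another party holds an open read descriptor
# Prints how many bytes the holder can still read once the owner is done.
survivor_bytes() {
    method=$1
    holder=$2
    dir=$(mktemp -d) || return 1
    printf 'sensitive contents\n' > "$dir/orig"   # 19 bytes of sample data
    case $holder in
        link) ln "$dir/orig" "$dir/held" ;;       # second name, same inode
        fd)   exec 3< "$dir/orig" ;;              # open descriptor, same inode
    esac
    if [ "$method" = truncate ]; then
        : > "$dir/orig"                           # same effect as cat /dev/null >orig
    fi
    rm "$dir/orig"                                # drops one name only
    case $holder in
        link) n=$(wc -c < "$dir/held" | tr -d ' ') ;;
        fd)   n=$(wc -c <&3 | tr -d ' '); exec 3<&- ;;
    esac
    rm -rf "$dir"
    echo "$n"
}

for h in link fd; do
    for m in unlink truncate; do
        echo "$m, holder=$h: $(survivor_bytes "$m" "$h") bytes still readable"
    done
done
```

With unlink alone the data stays reachable through the remaining reference; truncating first empties the inode itself, so every remaining name or descriptor sees zero bytes.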
