bug-hurd

Re: [PATCH 10/17] hurd: add fsys_get_children


From: Neal H. Walfield
Subject: Re: [PATCH 10/17] hurd: add fsys_get_children
Date: Fri, 12 Jul 2013 15:13:30 +0200
User-agent: Wanderlust/2.14.0 (Africa) SEMI/1.14.6 (Maruoka) FLIM/1.14.9 (Gojō) APEL/10.8 Emacs/23.2 (x86_64-pc-linux-gnu) MULE/6.0 (HANACHIRUSATO)

At Fri, 12 Jul 2013 14:44:31 +0200,
Samuel Thibault wrote:
> 
> Neal H. Walfield, on Fri 12 Jul 2013 13:52:17 +0200, wrote:
> > I apologize if you've already explained this someplace else.
> > 
> > If I understand correctly, you want to get all the nodes with active
> > and passive translators.  This potentially requires scanning every
> > inode on an ext3 file system.  This could take a very long time.  Is
> > that really the intention?
> 
> No, just the active ones.

How do you do permission checking?

Here's a thought:

Consider accessing a file foo/bar/file.  If the user specifies the
full path, then she needs execute permission on the containing
directories.  If the path is not known, then to find the file, she
also needs read permission on the containing directories.  That is, to
'ls foo', she needs read permission on foo, but 'cat foo/bar/file'
only requires read permission on foo and bar.

Making a directory executable but not readable is a useful way to
grant permission by knowledge of a shared secret.  If foo is not
readable, then a user can only access the contents of foo/bar if they
know that foo/bar exists.  This is essentially a Swiss number in the
capability world.

It seems like the interface that you have created should require read
permission on the containing directories.  This is okay, but then the
caller should be able to specify a root to start the search under.  This
way, she can enumerate all active translators under foo/bar even if
she doesn't have read permission on foo.

Neal
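As an added illustration (not Hurd code and not part of the thread), the following model spells out the rule argued above: reaching a node by a known name needs only the 'x' bit on each containing directory, listing a directory needs its 'r' bit, and enumerating active translators under a caller-chosen root needs 'r' only on directories at or below that root. The Node type, the TREE layout and the translator name "example-translator" are constructed for the example.

```python
from dataclasses import dataclass, field
from typing import Dict, List, Optional, Tuple

@dataclass
class Node:
    readable: bool = False              # directory 'r' bit (listing entries)
    executable: bool = False            # directory 'x' bit (traversal by name)
    translator: Optional[str] = None    # active translator attached here, if any
    children: Dict[str, "Node"] = field(default_factory=dict)  # empty for files

def _split(path: str) -> List[str]:
    return [p for p in path.split("/") if p]

def _traverse(root: Node, parts: List[str]) -> Optional[Node]:
    """Follow a known path: every containing directory needs 'x'."""
    node = root
    for name in parts:
        if not node.executable or name not in node.children:
            return None
        node = node.children[name]
    return node

def can_open(root: Node, path: str) -> bool:
    """'cat foo/bar/file' needs only 'x' on foo and bar."""
    return _traverse(root, _split(path)) is not None

def can_list(root: Node, path: str) -> bool:
    """'ls foo' additionally needs 'r' on foo itself."""
    node = _traverse(root, _split(path))
    return node is not None and node.readable

def active_translators(root: Node, start: str = "/") -> Optional[List[Tuple[str, str]]]:
    """Enumerate active translators at or below `start`: 'x' to reach `start`,
    then 'r' on every directory whose entries are enumerated; unreadable
    subtrees are skipped. Returns None when `start` itself is unreachable."""
    start_node = _traverse(root, _split(start))
    if start_node is None:
        return None
    found: List[Tuple[str, str]] = []
    def visit(node: Node, path: str) -> None:
        if node.translator is not None:
            found.append((path, node.translator))
        if node.readable and node.executable:
            for name, child in node.children.items():
                visit(child, path.rstrip("/") + "/" + name)
    visit(start_node, "/" + "/".join(_split(start)))
    return found

# Constructed tree: foo is x-only (a shared-secret directory), foo/bar is rx.
TREE = Node(readable=True, executable=True, children={
    "foo": Node(readable=False, executable=True, children={
        "bar": Node(readable=True, executable=True, children={
            "file": Node(translator="example-translator")})})})
```

With this tree, a search rooted at "/" finds nothing because foo is unreadable, while a search rooted at "/foo/bar" reports the translator on file without needing read permission on foo.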
