Re: your mail

From: Jamie Lokier (lfs@tantalophile.demon.co.uk)
Date: Mon Mar 20 2000 - 10:16:44 EST


Horst von Brand wrote:
> > If you want to stop people accessing *inodes*, the appropriate permissions
> > should be set for the inode. Permissions on directories AFAIK only control
> > access to the contents of the directory - which are just (name, inum)
> > pairs.
>
> And I'm depending on that guarantee. "Open by inode" allows anybody to go on a
> hunting session on the disk for "interesting" inodes they shouldn't be able
> to get at.

Well, the administrator has to explicitly enable open-by-inode on a per
filesystem basis (by creating .inode with a special attribute), and then
access is restricted according to the permission of .inode, so there are
no security holes unless you ask for them.

There was still no demand though, despite a huge thread a few weeks
earlier begging for the feature.

enjoy,
-- Jamie
