Not a chain, but each inode in lofs has a handle to the underlying
inode. Lofs inodes are created automatically when first looked up and
freed when removed from the cache.
> > > I don't actually see the point of implementing a read-only loopback
> > > mount. There are already protection mechanisms in the kernel to
> > > prevent one user from writing to another user's files. If you need to
> > > run a program so that it cannot write to any files, just run the
> > > program under a different uid.
> >
> > I guess you never notice the CERT security notices, then?
>
> Are you suggesting that on Linux, one user can write to another's
> files? (I'm assuming that people aren't stupid enough to have world
> writable files etc.) If so, that's a bug that should be fixed.
I'm pointing out that network servers are commonly attacked because
they have bugs in them. Some of these bugs allow crackers to write
files they shouldn't. Sometimes network servers have to run as root.
One of the most common bugs I see in CERT announcements is that some
or other server isn't preventing unauthorised writing to some file. A
read-only lofs offers strong protection against that.
Regards,
Richard....
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/