On Mon, May 13, 2002 at 01:09:15PM -0400, Horst von Brand wrote:
> Elladan <elladan@eskimo.com> said:
>
> [...]
>
> > Regardless of whether it's a good thing to depend on security-wise, it
> > is a problem to have something that appears to be a security feature
> > which doesn't actually work.
>
> It is _not_ a security feature, it is meant to keep the filesystem from
> fragmenting too badly. root can use that space, since root can do whatever
> she wants anyway.
But it *appears* to be a security feature. Thus, someone might
incorrectly depend on it, unless it's clearly documented as otherwise.
This is probably best considered a documentation issue. Instead of
saying it's "reserved for root" etc., tools should indicate it's
"reserved to prevent fragmentation, still accessible by root"
At least one document I recall seeing indicates that this reserve is so
system software (eg. cron jobs) won't fail, and so root will still be
able to log in when the disk is full. This interpretation makes it
sound like a security feature - if it isn't meant as one, some effort
should be made to ensure there's no confusion, or else someone might
depend on the behavior.
-J
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
This archive was generated by hypermail 2b29 : Tue May 14 2002 - 12:00:21 EST