Re: [PATCH 2/2] block: create ioctl to discard-or-zeroout a range of blocks

From: Linus Torvalds
Date: Fri Mar 11 2016 - 19:44:39 EST


On Fri, Mar 11, 2016 at 4:35 PM, Theodore Ts'o <tytso@xxxxxxx> wrote:
>
> At the end of the day it's about whether you trust the userspace
> program or not.

There's a big difference between "give the user rope", and "tie the
rope in a noose and put a banana peel so that the user might stumble
into the rope and hang himself", though.

So I do think that Dave is right that we should also strive to make
sure that our interfaces are not just secure in theory, but that they
are also good interfaces to make mistakes less likely.

I think we _should_ give users rope, but maybe we should also make
sure that there isn't some hidden rapidly spinning saw-blade right
next to the rope that the user doesn't even think about.

Linus