"Peter J. Braam" wrote:
> Hi,
>
> Thanks for your comments.
>
> 1. Coda's ctime not set on create is a bug -- I'll send a fix with the
> other 2.3 fixes we will do over the next week or so.
>
> 2. Hard links across directories are not permitted. Jan explained that
> security is an issue here.
>
> I think there is wrong thinking in the way Unix does things normally and
> the security argument goes away when the following reasoning is followed.
>
> Unix pretends a hard link is merely a modification of a directory. Of
> course it does add a name to new directory but it also subtly alters the
> attributes of the file in question, since it raises the file's link count.
>
> A perfectly acceptable fix for the (many) problems with link are to permit
> links only if:
>
> - the process can write to the target directory
> - process can modify the attributes of the file it wants to link
>
> This would work fine in Coda and also solves the problem that arise from
> people keeping hardlinks to insecure suid programs, since they normally
> cannot change their attributes.
>
> Would Aegis be happy with that? Would Linux in general?
>
> - Peter -
If you send us a patch I'll put it in ReiserFS.... unless someone else can explain
why that would be bad....
The above seems rational to me....
Hans
--
Get Linux (http://www.kernel.org) plus ReiserFS
(http://devlinux.org/namesys). If you sell an OS or
internet appliance, buy a port of ReiserFS! If you
need customizations and industrial grade support, we sell them.
