Re: [Flightgear-devel] Rsync vulnerability
Andy Ross [EMAIL PROTECTED] wrote: Martin Spott wrote: bitchy Here you realize the difference between a wannabee enterprise filesystem and an enterprise filesystem that was designed as such from the very beginning /bitchy The automatic filesystem check is an issue of filesystem policy, and says nothing about the implementation thereof. Neither, I should add, does the appelation enterprise. :) Right, I don't count on these terms - I was just joking when I put that in quotes. Still the most obvious difference is _not_ in filesystem policy but in design: XFS simply does not need such a check. If you still like to reorganize the filesystem (for example to optimize file access and to reduce fragmentation) you can run a sort-of check program (xfs_fsr) while the filesystem is in use ! If I had to pick, I'd go for reiserfs because of the nifty tail folding. But saying that XFS is somehow more reliable than the other choices is, honestly, kinda silly. To my experience XFS is much less sensible to bad block failures on a disk than reiser. If you take bad blocks into account then XFS _is_ more reliable. But I didn't aim at reliability, I was aiming at the comfort of not having to bother about delay caused by filesystem checks - in this case XFS gives you the optimum of that is available on Linux. Cheers, Martin. -- Unix _IS_ user friendly - it's just selective about who its friends are ! -- ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] Rsync vulnerability
On Sat, Dec 06, 2003 at 06:18:01PM +, Martin Spott wrote: Curtis L. Olson [EMAIL PROTECTED] wrote: I'm running ext3 so normally rebooting, even after a crash would not be a problem, but in this case I exceeded the last check date threshold so it ran a full fsck on me. [...] bitchy Here you realize the difference between a wannabee enterprise filesystem and an enterprise filesystem that was designed as such from the very beginning /bitchy Actually, ext3 is a better choice than XFS if you really care about your data - it does full data journalling (at a performance cost), unlike XFS which only journals metadata. Since it halves your write performance people generally don't use it, but it's there in ext3 . . . In any case, filesystems that /aren't/ paranoid about your data aren't things to be trusted . . Simon -- PGP public key Id 0x144A991C, or http://himi.org/stuff/himi.asc (crappy) Homepage: http://himi.org doe #237 (see http://www.lemuria.org/DeCSS) My DeCSS mirror: ftp://himi.org/pub/mirrors/css/ pgp0.pgp Description: PGP signature ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] Rsync vulnerability
Simon Fowler writes: Actually, ext3 is a better choice than XFS if you really care about your data - it does full data journalling (at a performance cost), unlike XFS which only journals metadata. Since it halves your write performance people generally don't use it, but it's there in ext3 . . . In any case, filesystems that /aren't/ paranoid about your data aren't things to be trusted . . There are a zillion trade offs between the different journaling file systems. I heard a talk at one of the LinuxWorld's that compared the various ones ... reiser, xfs, ext3, something from ibm I think, and there was one more if I recall. They all have strengths and weaknesses and perform better or worse under different circumstances. They also have different feature sets. I haven't seen any comparison of any of the Linux journaling file systems vs. the MS windows journeling file system(s?) though. Regards, Curt. -- Curtis Olson HumanFIRST Program FlightGear Project Twin Citiescurt 'at' me.umn.edu curt 'at' flightgear.org Minnesota http://www.flightgear.org/~curt http://www.flightgear.org ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] Rsync vulnerability
On Sun, Dec 07, 2003 at 06:35:57PM -0600, Curtis L. Olson wrote: Simon Fowler writes: Actually, ext3 is a better choice than XFS if you really care about your data - it does full data journalling (at a performance cost), unlike XFS which only journals metadata. Since it halves your write performance people generally don't use it, but it's there in ext3 . . . In any case, filesystems that /aren't/ paranoid about your data aren't things to be trusted . . There are a zillion trade offs between the different journaling file systems. I heard a talk at one of the LinuxWorld's that compared the various ones ... reiser, xfs, ext3, something from ibm I think, and there was one more if I recall. They all have strengths and weaknesses and perform better or worse under different circumstances. They also have different feature sets. I haven't seen any comparison of any of the Linux journaling file systems vs. the MS windows journeling file system(s?) though. Yeah, there are always trade offs and balances and so forth. Personally, I like filesystem people who are paranoid with my data ;-) Really, though, I'd be quite happy using any of the major Linux filesystems (I'm planning to build an XFS based samba server as soon as the hardware arrives). Each for their own strengths ;-) Simon -- PGP public key Id 0x144A991C, or http://himi.org/stuff/himi.asc (crappy) Homepage: http://himi.org doe #237 (see http://www.lemuria.org/DeCSS) My DeCSS mirror: ftp://himi.org/pub/mirrors/css/ pgp0.pgp Description: PGP signature ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] Rsync vulnerability
Martin Spott writes: Curtis L. Olson [EMAIL PROTECTED] wrote: ftp.flightgear.org is still rebooting ... /dev/hdh1 (120Gb) has gone 204 days without being checked, check forced ... might be another hour or two ... :-) I usually put everything over 10 GByte on XFS per 'default' - as well as any data that has some value for me. It should take about 5 seconds to mount a 200 gig filesystem - cheching included ;-) I'm running ext3 so normally rebooting, even after a crash would not be a problem, but in this case I exceeded the last check date threshold so it ran a full fsck on me. This drive has zillions of tiny little files on it so it's a worst case scenario for fsck performance. Regards, Curt. -- Curtis Olson HumanFIRST Program FlightGear Project Twin Citiescurt 'at' me.umn.edu curt 'at' flightgear.org Minnesota http://www.flightgear.org/~curt http://www.flightgear.org ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] Rsync vulnerability
On Saturday, 6 December 2003 17:31, Curtis L. Olson wrote: I'm running ext3 so normally rebooting, even after a crash would not be a problem, but in this case I exceeded the last check date threshold so it ran a full fsck on me. This drive has zillions of tiny little files on it so it's a worst case scenario for fsck performance. Regards, Curt. Can't you just force a check every now and then from a cron job? Anyway it's a small problem - a few hours of down time every year won't hurt anyone. Paul ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] Rsync vulnerability
Paul Surgeon writes: Can't you just force a check every now and then from a cron job? Anyway it's a small problem - a few hours of down time every year won't hurt anyone. You need to unmount the drive before fsck'ing it, which you can't do unless all services / processes using files on that drive have also been killed, so effectively you need to take the machine down anyway. There's probably cleverer ways to do this, but a few hours down time a year doesn't worry me too much. The machine had been up for 70 days prior to this, but I needed to reboot to patch the kernel. For what it's worth, the record uptime for this particalar server is 177 days. The uptime record for the other fgfs server is 156 days. No where close to a world record, but these uptime streaks are interrupted by the need to do various admin tasks (upgrade hardware, security patches, etc.) and *not* because the machine died or crashed. Regards, Curt. -- Curtis Olson HumanFIRST Program FlightGear Project Twin Citiescurt 'at' me.umn.edu curt 'at' flightgear.org Minnesota http://www.flightgear.org/~curt http://www.flightgear.org ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] Rsync vulnerability
Curtis L. Olson [EMAIL PROTECTED] wrote: Martin Spott writes: I usually put everything over 10 GByte on XFS per 'default' - as well as any data that has some value for me. It should take about 5 seconds to mount a 200 gig filesystem - cheching included ;-) I'm running ext3 so normally rebooting, even after a crash would not be a problem, but in this case I exceeded the last check date threshold so it ran a full fsck on me. [...] bitchy Here you realize the difference between a wannabee enterprise filesystem and an enterprise filesystem that was designed as such from the very beginning /bitchy Martin. -- Unix _IS_ user friendly - it's just selective about who its friends are ! -- ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] Rsync vulnerability
Martin Spott wrote: bitchy Here you realize the difference between a wannabee enterprise filesystem and an enterprise filesystem that was designed as such from the very beginning /bitchy The automatic filesystem check is an issue of filesystem policy, and says nothing about the implementation thereof. Neither, I should add, does the appelation enterprise. :) If I had to pick, I'd go for reiserfs because of the nifty tail folding. But saying that XFS is somehow more reliable than the other choices is, honestly, kinda silly. Andy ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] Rsync vulnerability
Andy Ross writes: The automatic filesystem check is an issue of filesystem policy, and says nothing about the implementation thereof. Neither, I should add, does the appelation enterprise. :) If I had to pick, I'd go for reiserfs because of the nifty tail folding. But saying that XFS is somehow more reliable than the other choices is, honestly, kinda silly. A couple years ago at a friends wedding reception I got to sit next to an sgi xfs developer. For what ever that's worth. :-) Curt. -- Curtis Olson HumanFIRST Program FlightGear Project Twin Citiescurt 'at' me.umn.edu curt 'at' flightgear.org Minnesota http://www.flightgear.org/~curt http://www.flightgear.org ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel
Re: [Flightgear-devel] Rsync vulnerability
Martin Spott writes: I assume you already read this: # rsync version 2.5.6 contains a heap overflow vulnerability that can be used to remotely run arbitrary code. # While this heap overflow vulnerability could not be used by itself to obtain root access on a rsync server, it could be used in combination with the recently announced brk vulnerability in the Linux kernel to produce a full remote compromise. # The server that was compromised was using a non-default rsyncd.conf option use chroot = no. The use of this option made the attack on the compromised server considerably easier. A successful attack is almost certainly still possible without this option, but it would be much more difficult. I hope we won't run in trouble with our public rsync-server(s). Hello Curt ;-))) Yes, hopefully we will (or have) not run into any trouble. In theory both the rsync and kernel issues should all be patched. (keeping my fingers crossed ...) ftp.flightgear.org is still rebooting ... /dev/hdh1 (120Gb) has gone 204 days without being checked, check forced ... might be another hour or two ... :-) Curt. -- Curtis Olson HumanFIRST Program FlightGear Project Twin Citiescurt 'at' me.umn.edu curt 'at' flightgear.org Minnesota http://www.flightgear.org/~curt http://www.flightgear.org ___ Flightgear-devel mailing list [EMAIL PROTECTED] http://mail.flightgear.org/mailman/listinfo/flightgear-devel