[Top][All Lists]

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: Adding entries to a directory

From: Sergiu Ivanov
Subject: Re: Adding entries to a directory
Date: Thu, 19 Nov 2009 17:56:49 +0200
User-agent: Mutt/1.5.20 (2009-06-14)


On Thu, Nov 19, 2009 at 03:22:42PM +0100, Carl Fredrik Hammar wrote:
> On Wed, Nov 18, 2009 at 08:03:30PM +0200, Sergiu Ivanov wrote:
> > On Wed, Nov 18, 2009 at 10:21:13AM +0100, Carl Fredrik Hammar wrote:
> > > 
> > > I imagined that you'd only try to add an entry to one of the unioned
> > > directories, otherwise it is hard to predict where the entry will
> > > eventually be placed.
> > 
> > This is how unionfs does the things now: it tries to look up the
> > filename with O_CREAT under every unioned directory and stops at the
> > first directory which returns no error or an error different from
> Oh, ok. It still doesn't seem right to me though.

Well, I can remember suggestions of implementing several strategies,
including adding a file to all directories, adding it to the first
directory that accepts it and some other.  IIRC, this is how unionfs
is implemented on other systems (at least, WRT deleting entries).
> > > I'm not entirely sure if this isn't a rule I just made up myself, but
> > > it seems natural to assume that a port returned with FS_RETRY_REAUTH
> > > should be unauthenticated.
> > 
> > The comment to FS_RETRY_REAUTH in hurd/hurd_types.h says ``Retry after
> > reauthenticating retry port''.  However, the only moment when unionfs
> > (and libnetfs, IIRC) returns FS_RETRY_REAUTH is when the ``..''
> > filename is requested.  In this case the shadow_root_parent from the
> > peropen structure is returned as the retry port, but I cannot tell
> > whether it is unauthenticated.
> It should return FS_RETRY_REAUTH when it returns a port to non-directory
> nodes as well, or atleast that is how translator transitions are
> currently handled in the Hurd.  (See my ``Solving firmlink problem using
> io_restrict_auth mail'' for alternative inspired by this discussion)

Well, doing a simple search for FS_RETRY_REAUTH in unionfs/netfs.c
shows me only two entries, the ones I've already told you about.
However, I do understand your idea about returning unauthenticated
ports and I agree that it does improve security.
> > So, I'd rather say that it is okay to
> > assume that the port returned with FS_RETRY_REAUTH is unauthenticated,
> > but it might not be true.  Actually, it doesn't really matter, since
> > you are anyway bound to do reauthentication.
> Yes, but you aren't forced to do reauthentication if you return a port
> that is already authenticated.  That's the problem.

Ah, sure.  I was thinking about ideal good programs.


reply via email to

[Prev in Thread] Current Thread [Next in Thread]