From: Hans Reiser <reiser@namesys.com>
To: Manuel Krause <manuelkrause@netscape.net>
Cc: reiserfs-list <reiserfs-list@namesys.com>
Subject: Re: Debugreiserfs Security Question (3.6.7-pre1)
Date: Mon, 23 Jun 2003 12:20:26 +0400 [thread overview]
Message-ID: <3EF6B84A.5070302@namesys.com> (raw)
In-Reply-To: <3EF27041.6060401@netscape.net>
Manuel Krause wrote:
> Hi!
>
> If I currently use debugreiserfs -p /dev/xxx | gzip -c > xxx.gz and
> later for testing gunzip -c xxx.gz | unpack /dev/yyy I get the same
> filenames on the last target partition. (with reiserfsprogs 3.6.7-pre1)
>
>
> If I don't want to spread info about
> /home/manuel/my_car/tech_overview/lies_for_BMW_&_DC/engine.259.fake.jpg
> anywhere else than only on my HDD, shouldn't this file be converted to
> /d98/d4/d2/d65/d1/23.file
> e.g., or something like that (random directory & filenames) within
> debugreiserfs, in general?!
>
> I don't know if that is a serious security issue. But it is one.
>
> No no, I don't doubt your developers' debugging cyle and purpose at all.
> But I don't need you (and others if we couldn't establish a secure
> connection) to read our filenames. In case of real failure we may not
> be able to rename anything any more, you know..
>
>
> Best regards,
>
> Manuel Krause
>
>
> (The filenames mentioned above have NO real meaning in ANY sense.)
>
>
>
If you are considering the use of reiserfs for secure government
purposes then your government should sponsor the on staff addition of a
reiserfs developer with the security clearances your government
needs.;-) Forgive me for thinking that only governments have a lot of
data that cannot be risked with strangers working in Russia, I know it
is not entirely true.
--
Hans
prev parent reply other threads:[~2003-06-23 8:20 UTC|newest]
Thread overview: 4+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-06-20 2:24 Debugreiserfs Security Question (3.6.7-pre1) Manuel Krause
2003-06-20 4:14 ` Russell Coker
2003-06-20 12:43 ` Oleg Drokin
2003-06-23 8:20 ` Hans Reiser [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3EF6B84A.5070302@namesys.com \
--to=reiser@namesys.com \
--cc=manuelkrause@netscape.net \
--cc=reiserfs-list@namesys.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.