From: Boyd Waters <bwaters+moz@nrao.edu>
To: reiserfs-list@namesys.com
Subject: Re: getting UUID and label of a filesystem
Date: Mon, 10 Nov 2003 13:40:19 -0700 [thread overview]
Message-ID: <3FAFF7B3.5030306@nrao.edu> (raw)
In-Reply-To: <20031110201432.GB2014@mis-mike-wstn.matchmail.com>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
Mike Fedyk wrote:
| On Mon, Nov 10, 2003 at 03:07:40PM -0500, John Dalbec wrote:
|
|>I've added myself to the "disk" group and it works for me as non-root.
You
|>just need read access to the raw device, no?
|
|
| Yes.
|
| But how many need access to the UUID information? That can be a big
| security hole...
Cool discussion.
Um, can you point me to info regarding security holes in exposing the
UUID of a filesystem? I can't come up with a use-case that would support
this statement, but I'm willing to believe there is such.
I am using UUID's to track the source filesystem of a large
distributed-backup; I have lots of copies of stuff strewn across various
filesystems and I am in the process of pouring it all into a centralized
version-control system (Subversion). I can set arbitrary name=value tags
on the versioned files, and I'm currently setting one of them to the
source filesystem's UUID.
(Later, I'll start another thread which explores how to use ReiserFS
features to support Subversion, without an intervening database layer...)
So: What's the security hole in exposing the filesystem UUID?
~ - boyd
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.3 (GNU/Linux)
Comment: Using GnuPG with Mozilla - http://enigmail.mozdev.org
iD8DBQE/r/ez0is8k1r0QeURAvvjAJsFAKITHuQUcPhdS14/VecHvDL31wCfVEIs
4B+HXCitmX4m3QpVH5I/g7c=
=J0yK
-----END PGP SIGNATURE-----
next prev parent reply other threads:[~2003-11-10 20:40 UTC|newest]
Thread overview: 18+ messages / expand[flat|nested] mbox.gz Atom feed top
2003-11-06 20:46 getting UUID and label of a filesystem Boyd Waters
2003-11-06 20:54 ` Brian Tinsley
2003-11-10 20:07 ` John Dalbec
2003-11-10 20:14 ` Mike Fedyk
2003-11-10 20:40 ` Boyd Waters [this message]
2003-11-10 21:05 ` Bennett Todd
2003-11-11 0:12 ` Mike Fedyk
2003-11-06 20:57 ` Redeeman
2003-11-06 21:03 ` Brian Tinsley
2003-11-10 20:01 ` John Dalbec
2003-11-10 20:42 ` Andreas Dilger
2003-11-12 13:35 ` John Dalbec
2003-11-12 15:32 ` Brian Tinsley
2003-11-06 21:07 ` Andreas Dilger
2003-11-10 17:22 ` Boyd Waters
2003-11-10 18:12 ` Mike Fedyk
2003-11-10 18:44 ` Andreas Dilger
2003-11-10 19:35 ` Chris Dukes
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=3FAFF7B3.5030306@nrao.edu \
--to=bwaters+moz@nrao.edu \
--cc=reiserfs-list@namesys.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.