From mboxrd@z Thu Jan 1 00:00:00 1970 From: Christoph Hellwig Subject: Re: NFS4 crack Date: Mon, 19 Sep 2005 19:02:40 +0100 Message-ID: <20050919180240.GA26470@infradead.org> References: <20050919133921.GA12208@lst.de> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Christoph Hellwig , akpm@osdl.org, andros@citi.umich.edu, "J. Bruce Fields" , linux-fsdevel@vger.kernel.org, neilb@cse.unsw.edu.au Return-path: Received: from pentafluge.infradead.org ([213.146.154.40]:49041 "EHLO pentafluge.infradead.org") by vger.kernel.org with ESMTP id S932534AbVISSCz (ORCPT ); Mon, 19 Sep 2005 14:02:55 -0400 To: Bryan Henderson Content-Disposition: inline In-Reply-To: Sender: linux-fsdevel-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org On Mon, Sep 19, 2005 at 10:13:49AM -0700, Bryan Henderson wrote: > >FILENAMES ARE POLICY AND HAVE NO BUSINESS IN THE KERNEL > > I think that's a great policy, but we can't be all that righteous about it > because we don't do it today. I have a system that has highly customized > file names, so I'm pretty familiar with all the world's hardcoded file > names. ISTR the Linux kernel hardcodes /sbin/init, /bin/sh, and > /sbin/modprobe. They are not nice, but quite a bit different, as we are trying to execute them, which can't have bad side-effects in case they don't exist. What nfsd does is expecting a directory to be present on which it can do various operations. That's much worse then trying to execute or even read from a file. Besides that all this directory handling really belongs into userland as pointed out _three times_ now.