From mboxrd@z Thu Jan 1 00:00:00 1970 From: Joel Becker Subject: Re: New reflink(2) syscall Date: Tue, 5 May 2009 10:56:03 -0700 Message-ID: <20090505175603.GH7835@mail.oracle.com> References: <1241458669.3023.203.camel@localhost.localdomain> <20090504180855.GE31249@mail.oracle.com> <1241465446.3023.228.camel@localhost.localdomain> <20090504210356.GA25313@mail.oracle.com> <20090504231334.GA17486@mit.edu> <20090505164700.GB7835@mail.oracle.com> <1241542618.7244.76.camel@think.oraclecorp.com> <20090505171331.GG7835@mail.oracle.com> <20090505173423.GH17486@mit.edu> <1241545451.3023.341.camel@localhost.localdomain> Mime-Version: 1.0 Content-Type: text/plain; charset=us-ascii Cc: Theodore Tso , Chris Mason , James Morris , lsm , linux-fsdevel@vger.kernel.org To: Stephen Smalley Return-path: Content-Disposition: inline In-Reply-To: <1241545451.3023.341.camel@localhost.localdomain> Sender: linux-security-module-owner@vger.kernel.org List-Id: linux-fsdevel.vger.kernel.org On Tue, May 05, 2009 at 01:44:11PM -0400, Stephen Smalley wrote: > > Both use cases are equally valid, and I imagine there would be > > interest in using reflinks both for snapshots and as a very > > lightweight copy operation by commands like /bin/cp. Sure, but you can start with a reflink and then do what you want to it. > Not arguing against this, but just to note: the security model will > differ depending on these flags, as the link-like case doesn't require > the caller to have read access to the file (the data is no more > accessible than it was before), whereas the copy-like case requires the > caller to have read access to the original file since the data "leaks" > into a container with potentially different access constraints. Yeah, another reason why I don't want to complicate the behavior. I defined it as "the operation is like link(2)" for a reason :-) Joel -- "I inject pure kryptonite into my brain. It improves my kung fu, and it eases the pain." Joel Becker Principal Software Developer Oracle E-mail: joel.becker@oracle.com Phone: (650) 506-8127