From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.0 required=3.0 tests=BAYES_00, HEADER_FROM_DIFFERENT_DOMAINS,MAILING_LIST_MULTI,SPF_HELO_NONE,SPF_PASS, URIBL_BLOCKED autolearn=no autolearn_force=no version=3.4.0 Received: from mail.kernel.org (mail.kernel.org [198.145.29.99]) by smtp.lore.kernel.org (Postfix) with ESMTP id 99B6FC433E6 for ; Mon, 31 Aug 2020 14:25:52 +0000 (UTC) Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by mail.kernel.org (Postfix) with ESMTP id 79CE520707 for ; Mon, 31 Aug 2020 14:25:52 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1727986AbgHaOZv (ORCPT ); Mon, 31 Aug 2020 10:25:51 -0400 Received: from outgoing-auth-1.mit.edu ([18.9.28.11]:59894 "EHLO outgoing.mit.edu" rhost-flags-OK-OK-OK-FAIL) by vger.kernel.org with ESMTP id S1726503AbgHaOZu (ORCPT ); Mon, 31 Aug 2020 10:25:50 -0400 Received: from callcc.thunk.org (pool-72-74-133-215.bstnma.fios.verizon.net [72.74.133.215]) (authenticated bits=0) (User authenticated as tytso@ATHENA.MIT.EDU) by outgoing.mit.edu (8.14.7/8.12.4) with ESMTP id 07VEPXZu026207 (version=TLSv1/SSLv3 cipher=DHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT); Mon, 31 Aug 2020 10:25:33 -0400 Received: by callcc.thunk.org (Postfix, from userid 15806) id 0A732420128; Mon, 31 Aug 2020 10:25:33 -0400 (EDT) Date: Mon, 31 Aug 2020 10:25:32 -0400 From: "Theodore Y. Ts'o" To: Matthew Wilcox Cc: Miklos Szeredi , Al Viro , Dave Chinner , "Dr. David Alan Gilbert" , Greg Kurz , linux-fsdevel@vger.kernel.org, Stefan Hajnoczi , Miklos Szeredi , Vivek Goyal , Giuseppe Scrivano , Daniel J Walsh , Chirantan Ekbote Subject: Re: xattr names for unprivileged stacking? Message-ID: <20200831142532.GC4267@mit.edu> References: <20200829180448.GQ1236603@ZenIV.linux.org.uk> <20200829192522.GS1236603@ZenIV.linux.org.uk> <20200830191016.GZ14765@casper.infradead.org> <20200831113705.GA14765@casper.infradead.org> <20200831132339.GD14765@casper.infradead.org> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: <20200831132339.GD14765@casper.infradead.org> Sender: linux-fsdevel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-fsdevel@vger.kernel.org On Mon, Aug 31, 2020 at 02:23:39PM +0100, Matthew Wilcox wrote: > On Mon, Aug 31, 2020 at 01:51:20PM +0200, Miklos Szeredi wrote: > > On Mon, Aug 31, 2020 at 1:37 PM Matthew Wilcox wrote: > > > > > As I said to Dave, you and I have a strong difference of opinion here. > > > I think that what you are proposing is madness. You're making it too > > > flexible which comes with too much opportunity for abuse. > > > > Such as? > > One proposal I saw earlier in this thread was to do something like > $ runalt /path/to/file ls > which would open_alt() /path/to/file, fchdir to it and run ls inside it. > That's just crazy. As I've said before, malware authors would love that features. Most system administrators won't. Oh, one other question about ADS; if a file system supports reflink, what is supposed to happen when you reflink a file? You have to consider all of the ADS's to be reflinked as well? In some ways, this is good, because the overhead and complexity will probably cause most file system maintainers to throw up their had, say this is madness, and refuse to implement it. :-) - Ted