Initial filesystem design synopsis.
Simon 'corecode' Schubert
corecode at fs.ei.tum.de
Thu Feb 22 05:47:03 PST 2007
Sergey Glushchenko wrote:
Maybe i missed it but you don't talk at all about security of the FS
and i guess that this is a very important topic for a FS that
it's going to work over the internet and be connected to insecure
hosts.
Are you proposing to encrypt data transfered between cluster nodes?
That's the very least.
Eg: What if i want to share a file with you, but i don't
want anyone else on the cluster to be able to read or modify it?
Why this can't be handled with help of ACLs?
Because I as evil kernel hacker don't have to obey the ACLs you set if I already have access to the raw data.
cheers
simon
--
Serve - BSD +++ RENT this banner advert +++ ASCII Ribbon /"\
Work - Mac +++ space for low €€€ NOW!1 +++ Campaign \ /
Party Enjoy Relax | http://dragonflybsd.org Against HTML \
Dude 2c 2 the max ! http://golden-apple.biz Mail + News / \
Attachment:
signature.asc
-------------- next part --------------
A non-text attachment was scrubbed...
Name: pgp00016.pgp
Type: application/octet-stream
Size: 252 bytes
Desc: "Description: OpenPGP digital signature"
URL: <http://lists.dragonflybsd.org/pipermail/kernel/attachments/20070222/90deba8b/attachment-0020.obj>
More information about the Kernel
mailing list