> From: Peter Jeremy [mailto:peter.jer...@alcatel-lucent.com] > > >Therefore, it should be very easy to implement proof of concept, by > writing > >a setuid root C program, similar to "sudo" which could then become > root, > >identify the absolute path of a directory by its inode number, and > then > >print that absolute path, only if the real UID has permission to "ls" > that > >path. > > It doesn't need to be setuid. Check out > http://minnie.tuhs.org/cgi-bin/utree.pl?file=V6/usr/source/s2/pwd.c > http://minnie.tuhs.org/cgi-bin/utree.pl?file=V7/usr/src/cmd/pwd.c > (The latter is somewhat more readable)
The difference here is ... In pwd, you've already got a present working directory, '.' and therefore you never need to find any directory based on inode number. Suppose your pwd is /tank/foo/bar/baz. Suppose you want to locate all the snapshot versions of this directory. If you can safely assume /tank/.zfs/snapshot/*/foo/bar/baz then great, no problem. But if "foo" was formerly called "doo" or if baz was formerly a child of some other directory ... then '.' isn't going to help you find the former snapshot version of that directory. > >While not trivial, it's certainly possible to extend inodes of files, > to > >include parent pointers. > > This is a far more significant change and the utility is not clear. As you said, something like this is already done for ACL's. I won't say it's trivial, because I simply don't know how difficult it would be, but it's certainly possible. The utility is clear: At present, every directory has a reference to its parent. At present, files do not have any reference to their parent(s). Therefore, even if you know the inode number of some file, there's no clear or reliable way to find its parent(s) quickly. But if you are the kernel, and you want to find the path to some inode number of a directory on some device, all you need to do is follow the '..' entries to discover the path of that directory. The utility of parent reference(s) inside file inodes, is to have the ability to quickly identify the path(s) of any inode (file or directory) based on inode number. Without this parent reference in file inodes, you can only perform this reverse lookup on directory inode numbers. _______________________________________________ zfs-discuss mailing list zfs-discuss@opensolaris.org http://mail.opensolaris.org/mailman/listinfo/zfs-discuss
