A filesystem for virtualization

Posted May 17, 2019 0:55 UTC (Fri) by kmeyer (subscriber, #50720)
Parent article: A filesystem for virtualization

> The worry about such a flag is that changes can be made to a file's contents without anyone noticing, Myklebust said.

Can't any user that can modify a file already set the mtime arbitrarily (under ordinary unix permissions)? (I would expect SELinux or ACLs / MAC policy can restrict this in some way.) I would assume open() with the "suppress mtime/atime change" flag would cause open() to EPERM or EACCES if the user does not have that capability per security policy, making the concern moot?

A filesystem for virtualization

Posted May 17, 2019 15:42 UTC (Fri) by nybble41 (subscriber, #55106) [Link] (1 responses)

> Can't any user that can modify a file already set the mtime arbitrarily (under ordinary unix permissions)?

Setting the mtime is a metadata change which forces the the ctime to be updated, so the change would still be noticed. The proposed flag would allow updates to the file's content without any change in mtime *or* ctime.

A filesystem for virtualization

Posted May 17, 2019 16:03 UTC (Fri) by kmeyer (subscriber, #50720) [Link]

I see, thanks.

Taking a step back, I guess I’m not sure how the proposed open mode would be used by userspace NFS/Samba. The article is a bit light on details there.