
Change notifications for network filesystems

Posted May 29, 2022 21:37 UTC (Sun) by mtodorov (guest, #158788)
Parent article: Change notifications for network filesystems

It is, however, disabling not to know which user attempted to open or access a file, or caused a file event.

The prudent approach may be to add uid, gid, real and effective user ids to the structure:

           struct fanotify_event_metadata {
               __u32 event_len;
               __u8 vers;
               __u8 reserved;
               __u16 metadata_len;
               __aligned_u64 mask;
               __s32 fd;
               __s32 pid;
           };
It doesn't seem to have to break anything, since programs rely on even_len rather than sizeof (struct fanotify) to get data.

Rationale: it is possible to lookup which user is the owner of the PID, however, while that information is being searched for, the process may exit already.

It also involves a race condition. And it may not be the same user to whom we give access to the file. Lookup in the /proc file system is expensive and inefficient. :-(

My $0.02.
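Two points from the comment above, shown as an added example that is not part of the post or of the kernel's own code: a reader that advances by event_len keeps working when records grow, and it can pick identity fields out of records that are long enough to carry them while older records are handled unchanged. The struct fan_meta_ext with its uid/gid/euid/egid fields is a hypothetical stand-in for the proposed extension, not a real ABI, and the record stream is constructed.

```c
#include <stddef.h>
#include <stdint.h>
#include <string.h>
/* Wire format quoted in the comment (<linux/fanotify.h>), redeclared with
 * fixed-width types so the example builds outside the kernel tree. */
struct fan_meta {
    uint32_t event_len;     /* total record length, including any extension */
    uint8_t  vers, reserved;
    uint16_t metadata_len;  /* length of this fixed header */
    uint64_t mask;
    int32_t  fd, pid;
};
/* Hypothetical longer record carrying the identity fields the comment
 * proposes. Not a real kernel ABI; it stands in for a future extension. */
struct fan_meta_ext {
    struct fan_meta base;
    uint32_t uid, gid, euid, egid;
};
struct seen { int32_t pid; int have_ids; uint32_t uid, euid; };
/* Walk a buffer of variable-length records the way a fanotify reader must:
 * check the header fits, advance by event_len (never by sizeof), and read the
 * identity fields only when the record is long enough to hold them.
 * Returns the record count, or -1 if the buffer is malformed. */
int walk_events(const unsigned char *buf, size_t len, struct seen *out, int max) {
    int n = 0;
    for (size_t off = 0; off < len; n++) {
        struct fan_meta m;
        if (len - off < sizeof m) return -1;            /* truncated header */
        memcpy(&m, buf + off, sizeof m);                /* no unaligned reads */
        if (m.event_len < sizeof m || m.event_len > len - off) return -1;
        if (n < max) {
            out[n].pid = m.pid;
            out[n].have_ids = m.event_len >= sizeof(struct fan_meta_ext);
            if (out[n].have_ids) {                      /* old readers skip this */
                struct fan_meta_ext e;
                memcpy(&e, buf + off, sizeof e);
                out[n].uid = e.uid; out[n].euid = e.euid;
            }
        }
        off += m.event_len;
    }
    return n;
}
/* Constructed sample stream: a 24-byte legacy record (FAN_OPEN, pid 4242) then
 * a 40-byte extended record (FAN_MODIFY, uid 1001 running with euid 0).
 * Returns the bytes written; buf must hold at least 64 bytes. */
size_t build_sample(unsigned char *buf) {
    struct fan_meta legacy = { (uint32_t)sizeof legacy, 3, 0, (uint16_t)sizeof legacy, 0x20, 5, 4242 };
    struct fan_meta_ext ext = { { (uint32_t)sizeof ext, 3, 0, (uint16_t)sizeof legacy, 0x02, 6, 777 }, 1001, 1001, 0, 0 };
    memcpy(buf, &legacy, sizeof legacy);
    memcpy(buf + sizeof legacy, &ext, sizeof ext);
    return sizeof legacy + sizeof ext;
}
```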


Change notifications for network filesystems

Posted May 29, 2022 21:58 UTC (Sun) by mtodorov (guest, #158788)

P.S.

Please pardon my typo and imprecision, this should say:

"It doesn't seem to have to break anything, since programs rely on event_len rather than sizeof (struct fanotify_event_metadata) to get data."

Change notifications for network filesystems

Posted May 30, 2022 9:15 UTC (Mon) by taladar (subscriber, #68407)

Wouldn't that be difficult for network filesystems in particular? You don't really have uids that are the same across the whole network filesystem scope (server + all clients).

Change notifications for network filesystems

Posted May 30, 2022 11:07 UTC (Mon) by mtodorov (guest, #158788)

IMHO, from the security point of view, it would be very useful, e.g., to know which user is trying to modify /bin/bash on a local filesystem. If this is a user named jdoe@localhost, and he is not one of the admins, then Houston, we have a problem!

IMNSHO, the network file system's integrity should be the responsibility of the NFS, SMB or other server ...

A process could request (for example) IN_EVENT_UID in the list of events listened to, and the fs driver could reply with EINVAL or perhaps the even more distinctive EREMOTE (Object is remote).


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds