[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]

Re: Filesystem-local databases in mlocate



On Tue, Mar 20, 2007 at 09:22:01AM -0400, Simo Sorce wrote:
> On Tue, 2007-03-20 at 14:02 +0100, Axel Thimm wrote:
> 
> > The default setup should asume the worst, e.g. have the indexes owned
> > by root:root, so no remote fs old or new will be able to access the
> > data if the admin of the server doesn't allow it.
> 
> Which kind of defeats the whole thing of having per FS locatedbs ... and
> is a temptation for admins to change it to nobody:nobody and give away
> info easily without fully recognizing the security problem.

The same admins would probably write the root password on their door,
so they don't forget ;)

> However, I see the value for those 0.01% users using clustered file
> systems. So, if we stop talking about net FSs and instead we talk about
> SANs and GFS/GPFS/Lustre/OCFS2/whatever, I think it makes more sense :)

Cluster users will certainly benefit, as well as such juggling data
storage around either physical or by (re)assigning luns on the raid,
and such using NFS for the homes on trusted clients as well.
-- 
Axel.Thimm at ATrpms.net

Attachment: pgpfnRhnNSWCK.pgp
Description: PGP signature


[Date Prev][Date Next]   [Thread Prev][Thread Next]   [Thread Index] [Date Index] [Author Index]