Can I create a link to an inode?
Alan Cox
alan at lxorguk.ukuu.org.uk
Sat Aug 16 08:37:34 UTC 2008
On Fri, 15 Aug 2008 22:22:16 +0000
Wayne Feick <waf at brunz.org> wrote:
> I'd consider it a security bug to allow a user to see any bytes beyond
> what was written to the file since:
>
> 1. Some ilesystems store multiple small files in the same block.
> 2. Some (most?) filesystems don't zero out blocks when they are
> reallocated.
>
> Either of the above could allow you to see things you shouldn't.
Which is why the kernel won't let you. What is on disk may vary but the
actual kernel interfaces deal with actual file sizes. Any holes you
create when extending it contain zeros
More information about the fedora-list
mailing list