Am Mittwoch, den 25.08.2004, 21:42 +0100 schrieb :

quoted text
> > > For one thing _I_ didn't decide about xattrs anyway.  And I still
> > > haven't seen a design from you on -fsdevel how you try to solve the
> > > problems with files as directories.
> >=20
> > Hey, files-as-directories are one of my pet things, so I have to side w=
ith=20
quoted text
> > Hans on this one. I think it just makes sense. A hell of a lot more sen=
se=20
quoted text
> > than xattrs, anyway, since it allows scripts etc standard tools to touc=
h=20
quoted text
> > the attributes.
> >=20
> > It's the UNIX way.
>=20
> Not if you allow link(2) on them.

That doesn't make sense anyway. (actually, I tried what happens and the
result was an Oops ;))

It should be completely forbidden to link into a meta-directory or out
of such a directory. You could think of those meta-directory as a sysfs
for that inode. Of course it's not an own filesystem and that means that
there need to be a lot of security precautions in the VFS layer. Where
something like that belongs anyway, if done correctly.

quoted text
>   And not if you design and market your
> stuff as a general-purpose backdoor into kernel.  Note how *EVERY* *DAMN*
> *OPERATION* is made possible to override by "plugins".  Which is the reas=
on
quoted text
> for deadlocks in question, BTW.

What do you mean? If you tell that file that you want it to be
compressed or encrypted or modify some attributes (like ACLs) this isn't
necessarily a backdoor.

quoted text
> Don't fool yourself - that's what Hans is selling.  Target market: ISV.
> Marketed product: a set of hooks, the wider the better, no matter how
> little sense it makes.  The reason for doing that outside of core kernel:
> bypassing any review and being able to control the product being sold (se=
e
quoted text
> above).

Yes, I don't think it was a good idea either. Probably someone should
remove these features and make it a "normal" filesystem. The people who
need it now can turn it on again and a real solution could be worked out
in Linux 2.7.

I wouldn't use it on a public server anyway now because I'm not
convinced some malicious guy could find a way to exploit that. What if
you changed into a meta directory using ftp and some manage to break
things? This might be very dangerous.

I personally think that the idea of doing something like this (I'm not
speaking of the current implementation which I think is really bad) is
the right way to go in the long term.