storm@diku.UUCP (Kim Fabricius Storm) (07/13/85)
In article <11465@brl-tgr.ARPA> phil@RICE.ARPA (William LeFebvre) writes: >>> I am looking for a good way to generate the full path name of a directory, >>> given only its inode number... >I disagree! If it were possible to set the current working directory >to a given inode and device, then pwd would give you the answer. All >the permission information, and even the bit denoting whether or not >this inode refers to a directory is stored in the inode, and can easily >be checked in such a call. .... and an exec-by-inode (no namei) could speed command execution up A LOT (csh already does some hashing on the command names). However, this is NOT EASY to check, because the access permissions to a directory (or any other file) is the intersection of the permissions on the file itself, and the search (-x-) permissions on ALL directories on the path from / to the file. Suppose your home directory was closed for all other users than yourself, but anything else in 'your part of the universe' had read permissions for everybody, which doesn't matter - other users can't bypass your home directory. Now, if we introduce a chdir-by-inode system call, then anybody who can guess (or know) the inode number of one of your subdirectories can sneak through this back-door, and have free access to all your files. The only thing one (not you) cannot do in the above situation is a 'pwd', because there is no read permission on the home directory :-). One solution (a reasonable one I think) would be to have an "access-by-inode" permission on files and directories, which may be opened/execed/chdired/etc. by inode, in which case the normal permissions can be used to check which users are allowed to do so. But is there an unused bit in the inode? ------------------ Kim F. Storm, Inst of Datalogy(=CS), U of Copenhagen, Sigurdsgade 41, DK-2200 N UUCP: mcvax!diku!storm, <storm@diku.UUCP> tel: +45 1 83 64 66, ext 14
chris@umcp-cs.UUCP (Chris Torek) (07/13/85)
Rather than using inodes instead of names to make things work faster, I suggest you instead speed up name to inode translation. (Look at the 4.3BSD changes document in the Proceedings of the Summer '85 Usenix.) [begin :-)] exec by inode might be neat, but you'd have a terrible time keeping the inodes straight! I can just see the mail now: To: chris Subject: Emacs doesn't work anymore I can't seem to run Emacs anymore. Why? (reply) Oh. Sorry about that... I recompiled it; now it's inode # 15252. Try that instead. -- In-Real-Life: Chris Torek, Univ of MD Comp Sci Dept (+1 301 454 4251) UUCP: seismo!umcp-cs!chris CSNet: chris@umcp-cs ARPA: chris@maryland