On Tue, Mar 20, 2007 at 09:22:01AM -0400, Simo Sorce wrote:
On Tue, 2007-03-20 at 14:02 +0100, Axel Thimm wrote:
The default setup should asume the worst, e.g. have the indexes owned by root:root, so no remote fs old or new will be able to access the data if the admin of the server doesn't allow it.
Which kind of defeats the whole thing of having per FS locatedbs ... and is a temptation for admins to change it to nobody:nobody and give away info easily without fully recognizing the security problem.
The same admins would probably write the root password on their door, so they don't forget ;)
However, I see the value for those 0.01% users using clustered file systems. So, if we stop talking about net FSs and instead we talk about SANs and GFS/GPFS/Lustre/OCFS2/whatever, I think it makes more sense :)
Cluster users will certainly benefit, as well as such juggling data storage around either physical or by (re)assigning luns on the raid, and such using NFS for the homes on trusted clients as well.