noexec on /dev/shm

Lennart Poettering mzerqung at 0pointer.de
Mon Jan 3 19:59:52 UTC 2011


On Mon, 03.01.11 09:54, Chris Adams (cmadams at hiwaay.net) wrote:

> 
> Once upon a time, Adam Jackson <ajax at redhat.com> said:
> > Sadly this turns out not to be the case, at least if I'm reading
> > fs/pipe.c correctly.  O_NOATIME will turn off atime updates, but mtime
> > and ctime are still modified on every pipe write, and there's no such
> > thing as O_NOCMTIME even though the filesystem layer does have the
> > concept internally.  Which means device-backed filesystems will see
> > write traffic just for using named pipes.
> > 
> > Heck of lame.  Someone should fix that.
> 
> The behavior follows the standard, so it shouldn't just be changed by
> default without checking if anybody uses the standard behavior.

Well, I think introducing O_NOCTIME the same way O_NOATIME was
introduced would be unproblematic: only if it is set the normal ctime
behaviour would be disabled.

But yeah, I agree with ajax, the fact that the ctime of a fifo is
updated all the time and there is no way around it is kinda
ridiculous... And it gives the jack folks a really good reason not to
stick a fifo into /tmp.

Lennart

-- 
Lennart Poettering - Red Hat, Inc.

