[RFC] Filesystem-local databases in mlocate

Simo Sorce ssorce at redhat.com
Mon Mar 19 06:10:41 UTC 2007


On Fri, 2007-03-16 at 05:16 +0100, Miloslav Trmac wrote:
> Hi,
> I'm planning to add filesystem-local database support to mlocate.  This
> allows:
> - running updatedb on a file server and making the database
>   automatically available to clients without any client-side
>   configuration
> - using locate on GFS volumes without running updatedb on each host that
>   has the volume mounted (which slows the volumes down due to lock
>   contention)

[...]

> Usage for /home on NFS:
> - NFS is automatically excluded by clients, so updatedb on clients
>   does not walk the filesystem.
> - On the server:
>   Add /srv/home to /etc/sysconfig/mlocate.  If /srv/home is not a
>   separate mount point, add LOCATE_PATH=:/srv/home/.mlocate/mlocate.db
>   to the global environment.

I am deeply concerned about the security implications of this idea.
You are basically making it possible for everyone to get access to the
complete remote FS layout???

> Can anyone see a problem with the plan, or an important feature that the
> above fails to address?

Yes, security- and privacy-wise it is BAD BAAD BAAAD :-)

Simo.




