On Fri, 2007-03-16 at 05:16 +0100, Miloslav Trmac wrote: > Hi, > I'm planning to add filesystem-local database support to mlocate. This > allows: > - running updatedb on a file server and making the database > automatically available to clients without any client-side > configuration > - using locate on GFS volumes without running updatedb on each host that > has the volume mounted (which slows the volumes down due to lock > contention) [...] > Usage for /home on NFS: > - NFS is automatically excluded by clients, so updatedb on clients > does not walk the filesystem. > - On the server: > Add /srv/home to /etc/sysconfig/mlocate. If /srv/home is not a > separate mount point, add LOCATE_PATH=:/srv/home/.mlocate/mlocate.db > to the global environment. I am deeply concerned about the security implications of this idea. You are basically making it possible for everyone to get access to the complete remote FS layout ??? > Can anyone see a problem with the plan, or an important feature that the > above fails to address? Yes, security and privacy wise it is BAD BAAD BAAAD :-) Simo. -- fedora-devel-list mailing list fedora-devel-list@xxxxxxxxxx https://www.redhat.com/mailman/listinfo/fedora-devel-list
