On Thursday 2010-07-22 19:16, Trond Myklebust wrote: >> >But the fact is, th Unix ctime semantics are insane and largely >> >useless. There's a damn good reason almost nobody uses ctime under >> >unix. >> >> I beg to differ. ctime is not completely useless. It reflects changes on >> the inode for when you don't you change the content. It's like an mtime >> for the metadata. It comes useful when you go around in your filesystem >> trying to figure out who of your co-admins screwed up the permissions on >> /etc/passwd... and if the mtime is the same as that of the last backup, >> I can at least have a reasonable assurance that it was /only/ the >> metadata that was tampered with. (SHA1 check, yeah yeah, costly on large >> files.) > >Errr... Only if you eliminate utimes() from your syscall table. >Otherwise it is trivial to reset the mtime after changing the file >contents. Well yes; I had implicitly implied that evil people with malicious intent are absent. -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
