On 12/06/06, Miklos Szeredi <miklos@xxxxxxxxxx> wrote:
This patch adds POSIX file locking support to the fuse interface.
+/*
+ * It would be nice to scramble the ID space, so that the value of the
+ * files_struct pointer is not exposed to userspace. Symmetric crypto
+ * functions are overkill, since the inverse function doesn't need to
+ * be implemented (though it does have to exist). Is there something
+ * simpler?
+ */
+static inline u64 fuse_lock_owner_id(fl_owner_t id)
+{
+ return (unsigned long) id;
+}
+
How about; on fuse startup, pick some semirandom number, store it
somewhere, then do an XOR of the pointer with the saved value to
scramble it, when you need to use it, simply XOR it again with the
stored value... Not especially strong, but better than nothing and
better than just adding a constant that people can find out from the
source (and the scramble value would be differene each time fuse
loads, so at a minimum a different scramble key every boot) - also,
XOR is a quite fast operation so overhead should be low.
--
Jesper Juhl <jesper.juhl@xxxxxxxxx>
Don't top-post http://www.catb.org/~esr/jargon/html/T/top-post.html
Plain text mails only, please http://www.expita.com/nomime.html
-
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
