Hi Eric, all, On Friday 24 July 2009 21:13:49 Eric Paris wrote: > If a FAN_ACCESS_PERM or FAN_OPEN_PERM event is received the listener > must send a response before the 5 second timeout. If no response is > sent before the 5 second timeout the original operation is allowed. If > this happens too many times (10 in a row) the fanotify group is evicted > from the kernel and will not get any new events. Sending a response is Would it make more sense to deny on timeouts and then evict? I am thinking it would be more secure with no significant drawbacks. Also for usages like HSM allowing it without data being in place might present wrong content to the user. > The only other current interface is the ability to ignore events by > superblock magic number. This makes it easy to ignore all events > in /proc which can be difficult to accomplish firing FANOTIFY_SET_MARK > with ignored_masks over and over as processes are created and destroyed. Just to double-check, that would also work for any other filesystem and is controllable from userspace? Tvrtko -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
