On Nov 27, 2013, at 10:47 AM, Christoph Hellwig <hch@xxxxxxxxxxxxx> wrote: > On Wed, Nov 27, 2013 at 10:21:29AM -0500, Chuck Lever wrote: >> That is true only if there is a single mount namespace on your system. The content of mountstats depends on each process's mount namespace. >> >> However, I see that mounts and mountinfo, which also depend on a process's mount namespace, are all S_IRUGO. I don't see a good reason mountstats should be different. > > Could any of the counters be used as a covert channel? Any leakage of > information related to RPCSEC_GSS that could helper attackers? Certainly not for the authentication-only pseudoflavor. The numbers in this file are averages and approximate byte counts. I'm hard-pressed to think of a way anything useful could be extracted. But I'm not a security expert. -- Chuck Lever chuck[dot]lever[at]oracle[dot]com -- To unsubscribe from this list: send the line "unsubscribe linux-nfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
