On Fri, Aug 31, 2018 at 08:08:11AM -0500, Eric Sandeen wrote:
> If you can directly read the block device hosting the files, file
> permissions of shared blocks are completely beside the point.

The point is that you should never, ever directly read blocks from
the block device, never mind write. And we need to make sure userspace
stops doing that instead of catering to it in any way.

> The "typical use case" is to map a file for a bootloader to /read/
> at boot, and our arbitrary restriction has broken systems in
> the real world, and burned a lot of institutional effort getting
> to the bottom of the problem and working around it.

And even that 'use case' is utterly broken.