[url]http://groups.google.com/group/linux.kernel/browse_thread/thread/3e45bbe4ae4fce5b/d745471e60cd7656?hl=en&#d745471e60cd7656[/url]
Here Robert Love explains why user and process information is not provided:
[quote]
Hi, Chris.
> On a newsgroup someone was using inotify, but was asking if there was
> any way to also determine which process/user had caused the notification.
> Is this something that would make sense (as an optional bit of
> information) in inotify?
It is definitely something that could be added, technically speaking.
I have been hesitant, though. I do not want feature creep to be a
deterrent to acceptance into the Linux kernel. I also think that there
could be arguments about security. Sending the event is one thing,
telling which pid (and thus what user, etc.) caused the event is
another. For example, we can make the argument that read rights on a
file are tantamount to the right to receive a read event. But can we
say that read rights are enough for an unprivileged user to know that
root at pid 820 is writing the file? I don't know.
I'd add it if there were consensus. I don't know that it makes sense,
though.
Robert Love
[/quote]
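In the discussion, Robert Love explains why inotify in the Linux kernel does not provide process and user information. Technically it would be easy to implement, but he worries that it could lead to feature creep and raise security arguments.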



