[gecko-devel] Re: Some thoughts on sqlfs, etc..

  • From: Aaron Conole <apconole@xxxxxxxxx>
  • To: gecko-devel@xxxxxxxxxxxxx
  • Date: Fri, 16 Jan 2004 12:04:18 -0800 (PST)

> The original plan for the design was going to use a
> pipe or socket in order to transfer the information.
The problem here is network is inherently insecure. FS
drivers are device drivers, and although we __could__
do network reads/writes even to a local loopback
device, it exposes yet another network attack vector
in the kernel, which is evil.
> ..........Using a device
> seems to allow for a more generalized usage of each,
> but I'm not quite sure how either would interpret
> exactly what's going on.  
Using a device is really the only way to work the
system and maintain congruency with the way devices
(and filesystems are technically devices in the
kernel....complain to lkml not me about that one ;) in
the linux kernel work. We want to develop a simple
slap-on module that would be easy to merge into the
main tree as the kernel matures. Forking off our own
kernel is too much work. The best way for them to
communicate might not even be to use read() and
write() but just straight IOCTL calls passing
information back and forth. The only reason I
suggested read() and write() were for content and
status information that I consider "real-time"
neccessary. I wanted to avoid using ioctl to do
monitoring, but it would be easy enough to do anyway
and not even use a read() or write() call.

> For example, would running
> something like /dev/zero >> /dev/sqlfsxx zero out
> all tables in the database?  
see above. We can certainly do checks and whatnot in
code. :D

> With this type of
> approach it seems we now have to cover three ends,
> the first end being how sqlfs handles filesystem
> requests, the second end being how sqlfsd translates
> the information and pushes it back to sqlfs, and the
> final end being how /dev/sqlfsxx will work as a
> traditional device.  
you're pretty much going to have to cover multiple
ends anyway. If you take the networking approach, now
you need to implement SSL in the kernel zone because
network data being passed in cleartext exposes way to
many security flaws. Also having the sqlfsd being
network enabled will automatically put it in a listen
on any interfaces. This is a BAD THING due to the fact
that it exposes core components of the system to the

Again, I haven't yet read the PDFs :X (I know I know,
rtfm) I will be sure to though.


Do you Yahoo!?
Yahoo! Hotjobs: Enter the "Signing Bonus" Sweepstakes

Other related posts: