open(2) and O_NOATIME
fb-hackers at psconsult.nl
Fri Oct 31 06:48:50 PDT 2008
On Fri, Oct 31, 2008 at 08:04:48AM +0000, Igor Mozolevsky wrote:
> 2008/10/31 Jeremy Chadwick <koitsu at freebsd.org>:
> > ... If that's what you were referring to, then possibly making O_NOATIME
> > only to root would be a suitable compromise.
> And no systems are compromised with rootkits?..
utimes(2) allows non-root users to (re)set atime provided they own the
file or have write permission. Having O_NOATIME follow the same rules
would not break any assumed security any further than utimes(2) already
does but greatfully benefit all kind of backup programs.
So I'd be more than happy to see O_NOATIME be implemented as I'm
currently experimenting with backups to detachable harddisks using
rsync and not having a way to reset atime is my one big reason for
not deploying this kind of backups with more servers. If you wonder
why I'm using rsyng instead of dump or tar, here are two reasons:
first the detachable disks are much slower than the systems disks so
rsync saves a lot of time and secondly a file-by-file-only-if-changed
scheme allows me to efficiently use snapshots on the backup medium.
Patching rsync to implement the kind of reset atime as i.e. cpio does
looks far more complex than adding O_NOATIME to rsync.
More information about the freebsd-hackers