Project

General

Profile

Actions

Feature #4838

closed

[Keep] FUSE driver should expose files with permissions mode 0555

Added by Brett Smith about 9 years ago. Updated about 9 years ago.

Status:
Resolved
Priority:
Normal
Assigned To:
Category:
Keep
Target version:
Story points:
0.5

Description

What other filesystem doesn't support a separate executable bit? FAT.

What happens when you mount FAT on Linux? Every single file is 0755.

Keep also doesn't support an executable bit. The FUSE driver should correspondingly expose all files as 0555. This would be preferable to using hacks like using ld.so to execute binaries from Keep.


Subtasks 1 (0 open1 closed)

Task #5000: Review 4838-fuse-executable-filesResolvedPeter Amstutz12/18/2014Actions

Related issues

Is duplicate of Arvados - Idea #3651: Running programs from KeepResolved08/21/2014Actions
Actions #1

Updated by Peter Amstutz about 9 years ago

But I like the ld.so hack!

I briefly considered suggesting that we could scan the file to look for "#!" or an ELF header, but that is impractical since it would have to fetch the first block of every file. So this is probably good enough until we go to a Keep v2 manifest format.

Actions #2

Updated by Tom Clegg about 9 years ago

  • Description updated (diff)
Actions #3

Updated by Tom Clegg about 9 years ago

  • Tracker changed from Bug to Feature
Actions #4

Updated by Tom Clegg about 9 years ago

  • Target version changed from Bug Triage to Arvados Future Sprints
Actions #5

Updated by Peter Amstutz about 9 years ago

  • Target version changed from Arvados Future Sprints to 2015-01-28 Sprint
Actions #6

Updated by Peter Amstutz about 9 years ago

  • Status changed from New to In Progress
  • Assigned To set to Peter Amstutz
Actions #7

Updated by Brett Smith about 9 years ago

My perspective is that putting this behavior behind a command-line flag is a classic 'unbreak my software' option.

Emacs is basically the last remaining X application that insists on having cut and paste that doesn't work correctly. So they have this function "menu-bar-enable-clipboard" which basically means "please make my cut and paste work correctly." Why is this an option? I call this kind of preference the "unbreak my application please" button. Just fix the app and be done with it.

I don't see any use case that's served by making this behavior optional. It doesn't give us any additional security; as we've already demonstrated, if the user can execute arbitrary filesystem locations, they can execute from arv-mount with the right incantation. When would the user ever want artificial barriers to executing their programs? Having a switch just means we have more code to maintain, and we'll have to write --set-executable-bit in a whole bunch of places in the future (for starters, the login script that sets up mounts for users on shell nodes). I'd much rather just always set the executable bit and be done with it.

Actions #8

Updated by Peter Amstutz about 9 years ago

Point taken. 4838-fuse-executable-files updated to just a one line fix.

Actions #9

Updated by Brett Smith about 9 years ago

Peter Amstutz wrote:

Point taken. 4838-fuse-executable-files updated to just a one line fix.

Thanks. Please merge f53484e.

Actions #10

Updated by Peter Amstutz about 9 years ago

  • Status changed from In Progress to Resolved

Applied in changeset arvados|commit:9c569a32645164e99fa44867626bb5a11887c338.

Actions

Also available in: Atom PDF