Re: [RFC][PATCH 0/9] Network receive deadlock prevention for NBD

On Mon, 2006-08-14 at 09:13 +0400, Evgeniy Polyakov wrote:
On Sun, Aug 13, 2006 at 01:16:15PM -0700, Daniel Phillips (phillips@xxxxxxxxxx) wrote:
Indeed. The rest of the corner cases like netfilter, layered protocol and
so on need to be handled, however they do not need to be handled right now
in order to make remote storage on a lan work properly. The sane thing for
the immediate future is to flag each socket as safe for remote block IO or
not, then gradually widen the scope of what is safe. We need to set up an
opt in strategy for network block IO that views such network subsystems as
ipfilter as not safe by default, until somebody puts in the work to make
them safe.

Just for clarification - it will be completely impossible to login using
openssh or some other priveledge separation protocol to the machine due
to the nature of unix sockets. So you will be unable to manage your
storage system just because it is in OOM - it is not what is expected
from reliable system.

But really, if you expect to run reliable block IO to Zanzibar over an ssh
tunnel through a firewall, then you might also consider taking up bungie
jumping with the cord tied to your neck.

Just pure openssh for control connection (admin should be able to
login).

These periods of degenerated functionality should be short and
infrequent albeit critical for machine recovery. Would you rather have a
slower ssh login (the machine will recover) or drive/fly to Zanzibar to
physically reboot the machine?

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Relevant Pages

  • Re: [RFC][PATCH 0/9] Network receive deadlock prevention for NBD
    ... in order to make remote storage on a lan work properly. ... then gradually widen the scope of what is safe. ... the time being since we don't actually know of any such mandatory login ...
    (Linux-Kernel)
  • Security basics
    ... This year I found out with ssh around you need a good password for your own login name. ... Fixed that problem with a real hard password for karl and root has a changable hard password. ... If I have passwords that are safe for an hour, is not my computer safe from tampering? ...
    (Fedora)
  • Re: [RFC][PATCH 0/9] Network receive deadlock prevention for NBD
    ... in order to make remote storage on a lan work properly. ... then gradually widen the scope of what is safe. ... storage system just because it is in OOM - it is not what is expected ... Just pure openssh for control connection (admin should be able to ...
    (Linux-Kernel)
  • Re: [opensuse] Security
    ... than 5 login with wrong password the system erase all home of this user ... However it's an evidence that if a people is rejected for wrong pass, he didn't enter the system and so the data was safe. ... but I was said that the best place for sensitive data is on non connected/wired computer, ...
    (SuSE)
  • Re: how to copy live paradox tables
    ... One way to do this is to have all clients periodically update a timestamp ... Now, anyone listed in the Login Table indicating that they are "logged on", ... But this would let you know if its safe to delete any BDE LCK files that ... might be hanging around and if its safe to rename the data directory and ...
    (comp.databases.paradox)