[Pvfs2-developers] Batch create in sys-symlink.sm
Rob Ross
rross at mcs.anl.gov
Wed Jun 24 18:38:15 EDT 2009
Hi Walt,
I'm curious about this too. The only input parameter of note in the
batch_create request is the FSID, so there isn't much to work with in
terms of permission checking...
Nick, are you developing some mechanism to differentiate servers from
clients? Or is there some sort of special "I'm a server" credential
that would allow these operations to proceed?
Is your goal to eliminate clients creating datafiles on their own
entirely, or to simply limit the rate at which a malicious client
could consume resources? If the latter, you could simply place an
upper limit on the number of objects that a non-server client could
create in one request (assuming you have a way to differentiate)...
Thanks,
Rob
On Jun 24, 2009, at 4:18 PM, Walter Ligon wrote:
> Nick, how are you planning to handle the bulk-create in the first
> place?
> Clearly we don't want to require a distinct capability for each
> object being requested, so I assume the requesting server will
> provide a capability with the number of objects IN the capability so
> its signed.
>
> Then it could be passed safely to the user.
>
> Walt
>
> Nicholas Mills wrote:
>> When I say new create code I'm referring to the changes to the
>> server's create.sm <http://create.sm> and the corresponding changes
>> to the client's sys-create.sm <http://sys-create.sm> since 2.7.1
>> (almost all of the changes come from the small file branch).
>> It used to be that both sys-symlink and sys-create used the server
>> "create" request to create their objects. But now that create only
>> makes regular files the sys-symlink code has been modified to use
>> batch-create with a size of one. This approach works, but it seems
>> to me to be a misuse of an operation designed for the creation of
>> multiple handles between /servers/.
>> As you know, David and I are working on eliminating the security
>> holes present in the current version of PVFS. I would really rather
>> not give client code the ability to create up to 8192 handles
>> (source: pvfs2-req-proto.h) with a single request.
>> Is there any obstacle to moving the symlink creation code to the
>> server side in the same way that regular file creation was moved to
>> the server side? I realize it would involve adding yet another
>> request (and state machine), but I believe in the interest of
>> security that regular clients should not have access to the
>> functionality provided by batch-create.
>> Thanks for your response,
>> Nick
>> On Wed, Jun 24, 2009 at 2:03 PM, Sam Lang <slang at mcs.anl.gov <mailto:slang at mcs.anl.gov
>> >> wrote:
>> On Jun 24, 2009, at 9:22 AM, Nicholas Mills wrote:
>>> Hey all,
>>>
>>> Can someone quickly explain to me why sys-symlink.sm
>>> <http://sys-symlink.sm> (in the client code) now uses batch
>>> create
>>> with a fixed size of one? What prevents us from using the new
>>> create code? This change was merged in by phil with the small
>>> files branch.
>> What "new create code" do you refer to? The batch create code
>> is the new create path.
>> -sam
>>>
>>> Thanks,
>>>
>>> Nick
>>> _______________________________________________
>>> Pvfs2-developers mailing list
>>> Pvfs2-developers at beowulf-underground.org
>>> <mailto:Pvfs2-developers at beowulf-underground.org>
>>> http://www.beowulf-underground.org/mailman/listinfo/pvfs2-developers
>> ------------------------------------------------------------------------
>> _______________________________________________
>> Pvfs2-developers mailing list
>> Pvfs2-developers at beowulf-underground.org
>> http://www.beowulf-underground.org/mailman/listinfo/pvfs2-developers
> _______________________________________________
> Pvfs2-developers mailing list
> Pvfs2-developers at beowulf-underground.org
> http://www.beowulf-underground.org/mailman/listinfo/pvfs2-developers
More information about the Pvfs2-developers
mailing list