Bugtraq mailing list archives
Re: randomizing filehandles: why not use fsirand?
From: yogo () math tau ac il (Yossi Gottlieb)
Date: Fri, 14 Apr 1995 15:03:51 +0300 (GMT+0300)
I've wondered why noone (to my knowledge) has suggested to write a tool similar to fsirand. Fsirand randomizes all inode numbers on a system, which makes guessing file handles a little harder. Of course the randomization used in such a tool should be "really random", so that we don't end up with the same problem as SunOS: the random element used in fsirand wasn't random enough. Comments anyone?
The random part is NOT the inode number, but rather a 32bit 'generation' number, which is a part of the filehandle (the only part you can't compute). It seems like the ext2 inode support this (i_version field), but I am not sure how it is treated by the ext2 code (it DOES handle it, says grep). There should also be some kind of interface for the NFS server (running as a user process for now) to ask for i_version.... yossi.
Current thread:
- Re: randomizing filehandles: why not use fsirand? Yossi Gottlieb (Apr 14)