Coming back to this one, as the discussion seems to have died down. On 2011-04-20 19:00, Lars Ellenberg wrote: > Oh, well, thinking about non-roots that may have cibadmin karma, > they now can configure a resource that will remove /etc/passwd. > I'm not sure if I like that. > > How about a staged system? Double symlinks? > Similar to the alternatives system in Debian or others. > > The RA will force a single directory that will contain the indirection > symlinks, and will sanitize (or force) link names to not contain slashes. > > The real symlinks will point to that indirection symlink, which will > point to the end location. > > /etc/postfix/main.cf > -> /var/lib/wherever-indirection-dir/postfix_main.cf <<<=== > -> /mnt/somewhere/you/want/to/point/to/main.cf > > And <<<=== will be managed by the resource agent.
Considering we have an "anything" resource agent which, well, lets us do anything, I consider this pointless cluttering of the resource agent which creates a false sense of security. Thoughts? Cheers, Florian
signature.asc
Description: OpenPGP digital signature
_______________________________________________________ Linux-HA-Dev: Linux-HA-Dev@lists.linux-ha.org http://lists.linux-ha.org/mailman/listinfo/linux-ha-dev Home Page: http://linux-ha.org/