On 2015-10-16 13:41, Andreas Gruenbacher wrote:
OK, seeing as I wasn't particularly clear as to why I object to this in my other e-mail, let's try this again.On Fri, Oct 16, 2015 at 7:31 PM, Austin S Hemmelgarn <ahferroin7@xxxxxxxxx> wrote:I would like to re-iterate, on both XFS and ext4, I _really_ think this should be a ro_compat flag, and not an incompat one. If a person has the ability to mount the FS (even if it's a read-only mount), then they by definition have read access to the file or partition that the filesystem is contained in, which means that any ACL's stored on the filesystem are functionally irrelevant,It is unfortunately not safe to make such a file system accessible to other users, so the feature is not strictly read-only compatible.
Can you please explain exactly why it isn't safe to make such a filesystem accessible to other users? Because that _really_ sounds to me like you are trying to rely on this being un-mountable on a kernel that doesn't support richacls to try and provide the illusion of better security.
Attachment:
smime.p7s
Description: S/MIME Cryptographic Signature
