On 11/18/13, 8:26 AM, Paul FM wrote: > > Yes - I need noacl and nouser_xattr > > How about documenting your intent to remove them in the man pages. > > acl support and user_xattr support need to be off on the / and /usr > filesystems to simplify security. Actually I want a way to turn off > ALL extended attribute support on any filesystem. How about noxattr > (which would turn off ALL extended attribute support including acls). > I also use nosuid on filesystems that shouldn't have any suid files. > > This is to follow the security principal - "If you aren't using it > and don't need it - turn it off". FWIW, it still can be disabled at build time via CONFIG_EXT3_FS_POSIX_ACL But if you are using a distro kernel that turns that on, I see your point about noacl. However, I'm not sure how nouser_xattr comes into the argument? xattrs by themselves are just metadata; they don't impact security control unless they are a special kind of xattrs (i.e. acls). Thanks, -Eric > The simple Posix/Unix permissions are more than enough security > control in almost every situation I have run into (only wish I could > use them in Windows). > > Having worked extensively with ACLS on Windows (and some older Main > Frame OSes) - I note that ACL's add a level of complexity to security > that actually makes for less security. I see the need to support > them in Unix/Linux - but they should be OFF unless someone > specifically wants to use them (at least don't make them hard to turn > off). > > Just try auditing the security of a windows filesystem if you don't > think ACL's add extreme complexity (I gave up - I just forcibily set > all the ACL's myself by script using the unix Owner,Group,Other > concepts as a model to simplify what I am setting). > > > > -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
