On Wed, 5 Oct 2022 at 09:15, Christian Brauner <brauner@xxxxxxxxxx> wrote:

> We're just talking about the fact that
> {g,s}etxattr(system.posix_acl_{access,default}) work on cifs but
> getting acls based on inode operations isn't supported. Consequently you
> can't use the acls for permission checking in the vfs for cifs. If as
> you say below that's intentional because the client doesn't perform
> access checks then that's probably fine.

Now I just need to wrap my head around how this interacts with all the
uid/gid transformations. Do these (userns, mnt_userns) even make sense
for the case of remotely checked permissions?

Thanks,
Miklos