On Mon, May 04, 2009 at 02:03:56PM -0700, Joel Becker wrote:
> On Mon, May 04, 2009 at 03:30:46PM -0400, Stephen Smalley wrote:
> > > Yeah, I really don't want to create multiple behaviors. I
> > > wasn't proposing the "behaves differently on CAP_CHOWN," I was trying to
> > > clarify what you were thinking.
> >
> > Given that normally users can't create files with other ownerships, it
> > seemed that we might want to require CAP_CHOWN or some other capability
> > in order to reflink(2) a file that isn't owned by the fsuid of the
> > process. Possibly is_owner_or_cap(), i.e. owner or CAP_FOWNER, would be
> > suitable.
>
> Yeah, the more I think about it the more I agree. It's a simple
> story - you're creating a file with ownership !you, you need
> owner_or_cap.
Stupid question --- why not create the file with ownership == you?
It's a new inode, so this should be trivially easy to do, right?
- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
