On Tue, Feb 11, 2025 at 1:14 PM Miklos Szeredi <miklos@xxxxxxxxxx> wrote: > > On Tue, 11 Feb 2025 at 11:50, Amir Goldstein <amir73il@xxxxxxxxx> wrote: > > > > On Mon, Feb 10, 2025 at 8:45 PM Miklos Szeredi <mszeredi@xxxxxxxxxx> wrote: > > > > > > Allow the "verity" mount option to be used with "userxattr" data-only > > > layer(s). > > > > This standalone sentence sounds like a security risk, > > because unpriv users could change the verity digest. > > I suggest explaining it better. > > Same condition as in previous patch applies: if xattr is on a > read-only layer or modification is prevented in any other way, then > it's safe. Otherwise no. > Yes, but one has to follow the series to figure out that userxattr means that redirect/metacopy are allowed from lower -> data only, so it is better to mention this again in the context of the commit message that relaxes the requirement. And also even if lower is on a read-only layer, maybe we need to fix the uppermetacpy vector from index to make it safe. Thanks, Amir.
