Re: [RFC][PATCH 0/2] Correct behavior for listxattr and 'trusted' xattrs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 2010-03-02, at 01:01, James Morris wrote:
I noticed that there are differences in the behavior of listxattr(2) for
xattrs in the trusted namespace.

Some filesystems, such as ext[234], require CAP_SYS_ADMIN for this, i.e.
trusted xattr names are hidden from unprivileged users.

This matches my understanding of the trusted.* namespace. It is settable by the kernel and root (CAP_SYS_ADMIN) but not regular users.

I'm not sure what the initial intention was for the behavior, although
given that several major filesystems are have been fielded with the
CAP_SYS_ADMIN check, it seems most prudent to make this the standard
behavior for all filesystems, in case any users are depending on it.


Cheers, Andreas
--
Andreas Dilger
Sr. Staff Engineer, Lustre Group
Sun Microsystems of Canada, Inc.

--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html

[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]
  Powered by Linux