On Wed, Feb 28, 2024 at 09:33:25AM -0800, Darrick J. Wong wrote:
> "We're about to start adding functionality that uses internal inodes
> that are private to XFS. What this means is that userspace should never
> be able to access any information about these files, and should not be
> able to open these files by handle.
>
> "To prevent userspace from ever finding the file, or mis-interactions
> with the security apparatus, set S_PRIVATE on the inode. Don't allow
> bulkstat, open-by-handle, or linking of S_PRIVATE files into the
> directory tree. This should keep private inodes actually private."

Sounds good.