Re: [RFC][PATCH 0/2] Correct behavior for listxattr and 'trusted'xattrs

From: Christoph Hellwig
Date: Wed Mar 10 2010 - 06:40:46 EST

Next message: Magnus Damm: "[PATCH] Driver core: Early platform kernel-doc update"
Previous message: Robert P. J. Day: "[PATCH] Documentation: Update "struct bus_type" definition."
Next in thread: James Morris: "Re: [RFC][PATCH 0/2] Correct behavior for listxattr and 'trusted'xattrs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Tue, Mar 02, 2010 at 07:01:05PM +1100, James Morris wrote:
> I audited the kernel for users of the trusted xattr namespace, and found
> the following filesystems not checking for CAP_SYS_ADMIN:
>
> - jffs2
> - ocfs2
> - btrfs
> - xfs

Now that everyone felt the consensus is that we need the check I look
into adding it into XFS, but it seems like we already have that check
in xfs_xattr_put_listent:

/*
* Only show root namespace entries if we are actually allowed to
* see them.
*/
if ((flags & XFS_ATTR_ROOT) && !capable(CAP_SYS_ADMIN))
return 0;

Can you send me the testcases where XFs shows trusted attributes?

--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Magnus Damm: "[PATCH] Driver core: Early platform kernel-doc update"
Previous message: Robert P. J. Day: "[PATCH] Documentation: Update "struct bus_type" definition."
Next in thread: James Morris: "Re: [RFC][PATCH 0/2] Correct behavior for listxattr and 'trusted'xattrs"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]