Re: [RFC][PATCH 0/2] Correct behavior for listxattr and 'trusted'xattrs
From: Andreas Dilger
Date: Tue Mar 02 2010 - 03:28:29 EST
On 2010-03-02, at 01:01, James Morris wrote:
I noticed that there are differences in the behavior of listxattr(2)
xattrs in the trusted namespace.
Some filesystems, such as ext, require CAP_SYS_ADMIN for this,
trusted xattr names are hidden from unprivileged users.
This matches my understanding of the trusted.* namespace. It is
settable by the kernel and root (CAP_SYS_ADMIN) but not regular users.
I'm not sure what the initial intention was for the behavior, although
given that several major filesystems are have been fielded with the
CAP_SYS_ADMIN check, it seems most prudent to make this the standard
behavior for all filesystems, in case any users are depending on it.
Sr. Staff Engineer, Lustre Group
Sun Microsystems of Canada, Inc.
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/