Re: [PATCH 2/2] security.capability: fix conversions on getxattr

From: Miklos Szeredi
Date: Thu Jan 28 2021 - 15:39:50 EST

Next message: Luck, Tony: "RE: linux-next: removal of the ia64 tree"
Previous message: Suren Baghdasaryan: "Re: [PATCH 1/1] process_madvise.2: Add process_madvise man page"
In reply to: Eric W. Biederman: "Re: [PATCH 2/2] security.capability: fix conversions on getxattr"
Next in thread: Eric W. Biederman: "Re: [PATCH 2/2] security.capability: fix conversions on getxattr"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

On Thu, Jan 28, 2021 at 9:24 PM Eric W. Biederman <ebiederm@xxxxxxxxxxxx> wrote:

> <aside>
> From our previous discussions I would also argue it would be good
> if there was a bypass that skipped all conversions if the reader
> and the filesystem are in the same user namespace.
> </aside>

That's however just an optimization (AFAICS) that only makes sense if
it helps a read world workload. I'm not convinced that that's the
case.

Thanks,
Miklos

Next message: Luck, Tony: "RE: linux-next: removal of the ia64 tree"
Previous message: Suren Baghdasaryan: "Re: [PATCH 1/1] process_madvise.2: Add process_madvise man page"
In reply to: Eric W. Biederman: "Re: [PATCH 2/2] security.capability: fix conversions on getxattr"
Next in thread: Eric W. Biederman: "Re: [PATCH 2/2] security.capability: fix conversions on getxattr"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]