Re: [RFC][PATCH 0/2] Correct behavior for listxattr and 'trusted'xattrs
From: Andreas Dilger
Date: Tue Mar 02 2010 - 03:28:29 EST
On 2010-03-02, at 01:01, James Morris wrote:
I noticed that there are differences in the behavior of listxattr(2)
for
xattrs in the trusted namespace.
Some filesystems, such as ext[234], require CAP_SYS_ADMIN for this,
i.e.
trusted xattr names are hidden from unprivileged users.
This matches my understanding of the trusted.* namespace. It is
settable by the kernel and root (CAP_SYS_ADMIN) but not regular users.
I'm not sure what the initial intention was for the behavior, although
given that several major filesystems are have been fielded with the
CAP_SYS_ADMIN check, it seems most prudent to make this the standard
behavior for all filesystems, in case any users are depending on it.
Cheers, Andreas
--
Andreas Dilger
Sr. Staff Engineer, Lustre Group
Sun Microsystems of Canada, Inc.
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/