Re: [PATCH v11 21/48] ext4: Add richacl feature flag

From: Austin S Hemmelgarn
Date: Mon Oct 19 2015 - 09:17:01 EST


On 2015-10-16 13:41, Andreas Gruenbacher wrote:
On Fri, Oct 16, 2015 at 7:31 PM, Austin S Hemmelgarn
<ahferroin7@xxxxxxxxx> wrote:
I would like to re-iterate, on both XFS and ext4, I _really_ think this
should be a ro_compat flag, and not an incompat one. If a person has the
ability to mount the FS (even if it's a read-only mount), then they by
definition have read access to the file or partition that the filesystem is
contained in, which means that any ACL's stored on the filesystem are
functionally irrelevant,

It is unfortunately not safe to make such a file system accessible to
other users, so the feature is not strictly read-only compatible.

OK, seeing as I wasn't particularly clear as to why I object to this in my other e-mail, let's try this again.

Can you please explain exactly why it isn't safe to make such a filesystem accessible to other users? Because that _really_ sounds to me like you are trying to rely on this being un-mountable on a kernel that doesn't support richacls to try and provide the illusion of better security.


Attachment: smime.p7s
Description: S/MIME Cryptographic Signature