[Top] [All Lists]

Re: BUG: ACL's are a security attribute. They belong in the Security att

Subject: Re: BUG: ACL's are a security attribute. They belong in the Security attrib space, not the Root-attrib space.
From: Linda Walsh <xfs@xxxxxxxxx>
Date: Tue, 23 Jul 2013 21:37:47 -0700
Cc: xfs-oss <xfs@xxxxxxxxxxx>
Delivered-to: xfs@xxxxxxxxxxx
In-reply-to: <20130724040525.GQ19986@dastard>
References: <51EEF5C6.3050904@xxxxxxxxx> <20130724040525.GQ19986@dastard>
User-agent: Thunderbird

Dave Chinner wrote:
> On Tue, Jul 23, 2013 at 02:29:42PM -0700, Linda Walsh wrote:
> > Currently there are 3 disjoint attribute spaces on files -- user, root and 
> > security.
> >
> > (there is a misprint in the manual that says there is 2, but later, it gives
> > talks about using no switch giving the User attrib space, -R for Root attrib
> > space, and -S for the Security attrib space).
> You're confusing on-disk formats used to store attributes with
> namepaces used to report and access them.  Linux has security,
> system, trusted and user namespaces, while on disk XFS has "root",
> "secure",  and "user" spaces.
> i.e.
> Linux attr    XFS on disk
> system        root
> security    secure
> trusted        root
> user        user
    That makes the man page even more dated...

Why don't we copy your explanation into the manpage!  It's certainly
more clear! ;-)

> > Of these, the ACL's are being placed in the root, which might describe
> > file types, or other OS related info, but not security attributes like 
> > ACL's.
> > They should be in the Security attrib space (otherwise what is the point of 
> > a
> > Security attribute space).
> Posix ACLS are defined by the *kernel* to be in the "system"
> namespace:
    Likely because the system namespace predates the secur[e/ity] namespace,
which seems like it might have been the timeframe that part in the "attr" 
saying there were only 2 namespaces, was written?

> #define POSIX_ACL_XATTR_ACCESS  "system.posix_acl_access"
> #define POSIX_ACL_XATTR_DEFAULT "system.posix_acl_default"
> IOWs, the Linux *kernel* doesn't consider ACLs to be part of the
> security namespace, and so neither does XFS.
    Well, of the kernel I can understand why ... and then it
makes sense that XFS would have followed the kernel through its

So that still leaves the Q's about the -l (--list) function no longer
being maitained, and the suggested alternates having no similar functionality
nor any for the 'root' or 'secur' namespaces.

Maybe not important, but sometimes linux security looks a bit like it is
partaking of
security through obscurity...or it could just be generally obscure engineer

<Prev in Thread] Current Thread [Next in Thread>