xfs
[Top] [All Lists]
<prev [Date] next>
[Advanced]
 <prev [Thread] next>

Re: [PATCH v11 21/48] ext4: Add richacl feature flag

from [Austin S Hemmelgarn] [Permanent Link][Original]
To: Andreas Gruenbacher <agruenba@xxxxxxxxxx>
Subject: Re: [PATCH v11 21/48] ext4: Add richacl feature flag
From: Austin S Hemmelgarn <ahferroin7@xxxxxxxxx>
Date: Mon, 19 Oct 2015 09:16:48 -0400
Cc: Alexander Viro <viro@xxxxxxxxxxxxxxxxxx>, Theodore Ts'o <tytso@xxxxxxx>, Andreas Dilger <adilger.kernel@xxxxxxxxx>, "J. Bruce Fields" <bfields@xxxxxxxxxxxx>, Jeff Layton <jlayton@xxxxxxxxxxxxxxx>, Trond Myklebust <trond.myklebust@xxxxxxxxxxxxxxx>, Anna Schumaker <anna.schumaker@xxxxxxxxxx>, Dave Chinner <david@xxxxxxxxxxxxx>, linux-ext4 <linux-ext4@xxxxxxxxxxxxxxx>, xfs@xxxxxxxxxxx, LKML <linux-kernel@xxxxxxxxxxxxxxx>, linux-fsdevel <linux-fsdevel@xxxxxxxxxxxxxxx>, Linux NFS Mailing List <linux-nfs@xxxxxxxxxxxxxxx>, linux-cifs@xxxxxxxxxxxxxxx, Linux API <linux-api@xxxxxxxxxxxxxxx>, "Aneesh Kumar K.V" <aneesh.kumar@xxxxxxxxxxxxxxxxxx>
Delivered-to: xfs@xxxxxxxxxxx
Dkim-signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20120113; h=subject:to:references:cc:from:message-id:date:user-agent :mime-version:in-reply-to:content-type; bh=Fk5LuVbXB2qRax7FOVjlLTq3Swu3q75GzcOlCalpYho=; b=gBRBL5b/c7RADk2rRr/CLBOl/Q5ARiyJl5pDR13/IL0AfUU1CBxrtntCkZlUyNXMZq FQeMOViEoxssyg6VdLDY7TIYAgqieqe2lCn5S+7Ciqg5+3K6SIXV2CtxzlybnE2JS0nM HZoiTxOnMtrIxAyKXFPoDQnIOqg/7IIP/XX7FXR+OTvd1ObCbnHiN6cRYrxnl4EtctF8 IA+k18XpR5bqr9U2PxhPmwYqQxjRqLIfMjiR7NDb2TUvyDEK1i/bhBI4XfKGgonTnQjB YFpvT5BFZBWiXUXAIHZCPH//ykMVZYGfW/Euq6kCEFMHb4DZL2FwjcIPZTXB4PY+sqHf zdPQ==
In-reply-to: <CAHc6FU7sR2zN-K3un74wCv+1NPnrqJ=LYiWo+YQ_2X0kopyoTQ@xxxxxxxxxxxxxx>
References: <1445008706-15115-1-git-send-email-agruenba@xxxxxxxxxx> <1445008706-15115-22-git-send-email-agruenba@xxxxxxxxxx> <5621346E.5000500@xxxxxxxxx> <CAHc6FU7sR2zN-K3un74wCv+1NPnrqJ=LYiWo+YQ_2X0kopyoTQ@xxxxxxxxxxxxxx>
User-agent: Mozilla/5.0 (Windows NT 6.1; WOW64; rv:38.0) Gecko/20100101 Thunderbird/38.3.0 
On 2015-10-16 13:41, Andreas Gruenbacher wrote:

On Fri, Oct 16, 2015 at 7:31 PM, Austin S Hemmelgarn
<ahferroin7@xxxxxxxxx> wrote:

I would like to re-iterate, on both XFS and ext4, I _really_ think this
should be a ro_compat flag, and not an incompat one.  If a person has the
ability to mount the FS (even if it's a read-only mount), then they by
definition have read access to the file or partition that the filesystem is
contained in, which means that any ACL's stored on the filesystem are
functionally irrelevant,


It is unfortunately not safe to make such a file system accessible to
other users, so the feature is not strictly read-only compatible.
OK, seeing as I wasn't particularly clear as to why I object to this in my other e-mail, let's try this again.
Can you please explain exactly why it isn't safe to make such a filesystem accessible to other users? Because that _really_ sounds to me like you are trying to rely on this being un-mountable on a kernel that doesn't support richacls to try and provide the illusion of better security.

Attachment: smime.p7s
Description: S/MIME Cryptographic Signature

[More with this subject...]
<Prev in Thread] Current Thread [Next in Thread>
Previous by Date:  Re: [PATCH v11 21/48] ext4: Add richacl feature flag, Austin S Hemmelgarn
Next by Date:  10 watt waterproof rechargeable led flood light, amy@xxxxxxxxxxxxx
Previous by Thread:  Re: [PATCH v11 21/48] ext4: Add richacl feature flag, Austin S Hemmelgarn
Next by Thread:  Re: [PATCH v11 21/48] ext4: Add richacl feature flag, Andreas Gruenbacher
Indexes:  [Date] [Thread] [Top] [All Lists]