Date: Fri, 16 Oct 2015 09:00:11 -0700
From: Andy Lutomirski <luto@...capital.net>
To: Andreas Gruenbacher <agruenba@...hat.com>
Cc: Alexander Viro <viro@...iv.linux.org.uk>,
    "Theodore Ts'o" <tytso@....edu>,
    Andreas Dilger <adilger.kernel@...ger.ca>,
    "J. Bruce Fields" <bfields@...ldses.org>,
    Jeff Layton <jlayton@...chiereds.net>,
    Trond Myklebust <trond.myklebust@...marydata.com>,
    Anna Schumaker <anna.schumaker@...app.com>,
    Dave Chinner <david@...morbit.com>,
    "linux-ext4@...r.kernel.org" <linux-ext4@...r.kernel.org>,
    xfs@....sgi.com,
    "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
    Linux FS Devel <linux-fsdevel@...r.kernel.org>,
    linux-nfs@...r.kernel.org,
    linux-cifs@...r.kernel.org,
    Linux API <linux-api@...r.kernel.org>
Subject: Re: [PATCH v11 16/48] richacl: Automatic Inheritance

On Fri, Oct 16, 2015 at 8:17 AM, Andreas Gruenbacher <agruenba@...hat.com> wrote:
> Automatic Inheritance (AI) allows changes to the acl of a directory to
> propagate down to children.
>
> This is mostly implemented in user space: when a process changes the
> permissions of a directory and Automatic Inheritance is enabled for that
> directory, the process must propagate those changes to all children,
> recursively.
>
> The kernel enables this by keeping track of which permissions have been
> inherited at create time. In addition, it makes sure that permission
> propagation is turned off when the permissions are set explicitly (for
> example, upon create or chmod).
>
> Automatic Inheritance works as follows:
>
> - When the RICHACL_AUTO_INHERIT flag in the acl of a file or directory
>   is not set, the file or directory is not affected by AI.
>
> - When the RICHACL_AUTO_INHERIT flag in the acl of a directory is set
>   and a file or subdirectory is created in that directory, the
>   inherited acl will have the RICHACL_AUTO_INHERIT flag set, and all
>   inherited aces will have the RICHACE_INHERITED_ACE flag set. This
>   allows user space to distinguish between aces which have been
>   inherited and aces which have been explicitly added.

What if the file or subdirectory that's created in that directory is a
hard link?

--Andy