| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 10 Mar 2010 06:40:35 -0500
From: Christoph Hellwig <hch@...radead.org>
To: James Morris <jmorris@...ei.org>
Cc: linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org,
linux-security-module@...r.kernel.org,
David Woodhouse <dwmw2@...radead.org>,
Joel Becker <joel.becker@...cle.com>,
Mark Fasheh <mfasheh@...e.com>, Alex Elder <aelder@....com>,
Chris Mason <chris.mason@...cle.com>,
a.gruenbacher@...puter.org
Subject: Re: [RFC][PATCH 0/2] Correct behavior for listxattr and 'trusted'
xattrs
On Tue, Mar 02, 2010 at 07:01:05PM +1100, James Morris wrote:
> I audited the kernel for users of the trusted xattr namespace, and found
> the following filesystems not checking for CAP_SYS_ADMIN:
>
> - jffs2
> - ocfs2
> - btrfs
> - xfs
Now that everyone felt the consensus is that we need the check I look
into adding it into XFS, but it seems like we already have that check
in xfs_xattr_put_listent:
/*
* Only show root namespace entries if we are actually allowed to
* see them.
*/
if ((flags & XFS_ATTR_ROOT) && !capable(CAP_SYS_ADMIN))
return 0;
Can you send me the testcases where XFs shows trusted attributes?
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists