| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Tue, 10 Nov 2015 10:43:46 -0600 From: Steve French <smfrench@...il.com> To: Andreas Gruenbacher <agruenba@...hat.com> Cc: Christoph Hellwig <hch@...radead.org>, Alexander Viro <viro@...iv.linux.org.uk>, "Theodore Ts'o" <tytso@....edu>, Andreas Dilger <adilger.kernel@...ger.ca>, "J. Bruce Fields" <bfields@...ldses.org>, Jeff Layton <jlayton@...chiereds.net>, Trond Myklebust <trond.myklebust@...marydata.com>, Anna Schumaker <anna.schumaker@...app.com>, Dave Chinner <david@...morbit.com>, linux-ext4 <linux-ext4@...r.kernel.org>, XFS Developers <xfs@....sgi.com>, LKML <linux-kernel@...r.kernel.org>, linux-fsdevel <linux-fsdevel@...r.kernel.org>, Linux NFS Mailing List <linux-nfs@...r.kernel.org>, "linux-cifs@...r.kernel.org" <linux-cifs@...r.kernel.org>, Linux API <linux-api@...r.kernel.org> Subject: Re: [PATCH v15 00/22] Richacls (Core and Ext4) On Tue, Nov 10, 2015 at 6:39 AM, Andreas Gruenbacher <agruenba@...hat.com> wrote: > On Tue, Nov 10, 2015 at 12:29 PM, Christoph Hellwig <hch@...radead.org> wrote: >> On Mon, Nov 09, 2015 at 12:08:41PM +0100, Andreas Gruenbacher wrote: >>> Here is another update to the richacl patch queue. This posting contains >>> the patches ready to be merged; the patches later in the queue still need >>> some more review. <snip> >> and still abuses xattrs instead of a proper syscall interface. >> That's far from being ready to merge. > > The xattr syscall interface is what's used for very similar kinds of > things today; using it for richacls as well sure does not count as > abuse. Things could be improved in the xattr interface and in its > implementation, but we need more substantial reasons than that for > reimplementing the wheel once again. I don't have strong disagreement with using pseudo-xattrs to store/retrieve ACLs (we already do this) but retrieving/setting an ACL all at once can be awkward when ACLs are quite large e.g. when it encodes to over 1MB (not all administrators think about the size of ACLs when they add hundreds of users or groups or apps to ACLs). The bigger problem is that when ACLs are created -- after -- the file is created there is a potential race (harder to deal with in cluster and network file systems). Ideally we should be able to optionally pass all the security information needed to create a file in the create call itself. For apps which don't care they can continue to use the old syscalls. In the meantime, I don't mind the approach of staging this in via a pseudo-xattr, Samba can deal with that (and it will make some of the backup and data movement tools easier for the cifs.ko client which currently rely on a cifs specific xattr). In cifs.ko I still need to enable the SMB3 ACL helper functions (currently only enabled for the older cifs dialect) since that will make it easier, and figure out a way to allow helper tools to view "claims based ACLs" (DAC), not just traditional CIFS/NTFS/SMB3/RichACLs. -- Thanks, Steve -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists