| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <145e01d1cd72$d9b8d570$8d2a8050$@mindspring.com> Date: Thu, 23 Jun 2016 10:15:31 -0700 From: "Frank Filz" <ffilzlnx@...dspring.com> To: "'Weston Andros Adamson'" <dros@...key.org>, "'Andreas Gruenbacher'" <andreas.gruenbacher@...il.com> Cc: "'Linux Kernel'" <linux-kernel@...r.kernel.org>, <linux-fsdevel@...r.kernel.org>, "'linux-nfs list'" <linux-nfs@...r.kernel.org>, "'Weston Adamson'" <dros@...marydata.com> Subject: RE: [RFC v3 42/45] nfs: Add richacl support > First, let me say thanks for all the work! We (Primary Data) have been using > samba with the vfs_richacl module reexporting an nfsv4.2 mount and things > are working pretty well. You can count on us for testing, bug fixing and code > review. > > Now for my question: It looks like this call to richacl_apply_masks in the client > xattr_set path exists so that the knfsd permission check algorithm works > correctly. > This makes some pretty big assumptions about the server’s implementation. > There are other servers out there besides knfsd! > > I think this will have to be fixed before this patch can be accepted. I’m willing > to help, but I’m wondering where this should be fixed: > > Do we call richacl_apply_masks on the server before setting the xattr so the > normalized acl is saved, or should we save the ACL as-is and call > richacl_apply_masks before it’s used? I definitely want to hear more about this. At some point we will utilize RichACLs in Ganesha. Frank --- This email has been checked for viruses by Avast antivirus software. https://www.avast.com/antivirus
Powered by blists - more mailing lists