| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <CAKPOu+9KauLTWWkF+JcY4RXft+pyhCGnC0giyd82K35oJ2FraA@mail.gmail.com> Date: Wed, 11 Sep 2024 21:21:22 +0200 From: Max Kellermann <max.kellermann@...os.com> To: Patrick Donnelly <pdonnell@...hat.com> Cc: xiubli@...hat.com, idryomov@...il.com, ceph-devel@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH v2] fs/ceph/quota: ignore quota with CAP_SYS_RESOURCE On Wed, Sep 11, 2024 at 8:04 PM Patrick Donnelly <pdonnell@...hat.com> wrote: > CephFS has many components that are cooperatively maintained by the > MDS **and** the clients; i.e. the clients are trusted to follow the > protocols and restrictions in the file system. For example, > capabilities grant a client read/write permissions on an inode but a > client could easily just open any file and write to it at will. There > is no barrier preventing that misbehavior. To me, that sounds like you confirm my assumption on how Ceph works - both file permissions and quotas. As a superuser (CAP_DAC_OVERRIDE), I can write arbitrary files, and just as well CAP_SYS_RESOURCE should allow me to exceed quotas - that's how both capabilities are documented. > Having root on a client does not extend to arbitrary superuser > permissions on the distributed file system. Down that path lies chaos > and inconsistency. Fine for me - I'll keep my patch in our kernel fork (because we need the feature), together with the other Ceph patches that were rejected. Max
Powered by blists - more mailing lists