From mboxrd@z Thu Jan 1 00:00:00 1970
From: Joel Becker
Subject: Re: New reflink(2) syscall
Date: Tue, 5 May 2009 09:47:00 -0700
Message-ID: <20090505164700.GB7835@mail.oracle.com>
References: <1241443016.3023.51.camel@localhost.localdomain> <20090504163514.GB31249@mail.oracle.com> <1241458669.3023.203.camel@localhost.localdomain> <20090504180855.GE31249@mail.oracle.com> <1241465446.3023.228.camel@localhost.localdomain> <20090504210356.GA25313@mail.oracle.com> <20090504231334.GA17486@mit.edu>
Mime-Version: 1.0
Content-Type: text/plain; charset=us-ascii
Cc: Stephen Smalley , James Morris , lsm , linux-fsdevel@vger.kernel.org
To: Theodore Tso
Return-path:
Content-Disposition: inline
In-Reply-To: <20090504231334.GA17486@mit.edu>
Sender: linux-security-module-owner@vger.kernel.org
List-Id: linux-fsdevel.vger.kernel.org

On Mon, May 04, 2009 at 07:13:34PM -0400, Theodore Tso wrote:
> On Mon, May 04, 2009 at 02:03:56PM -0700, Joel Becker wrote:
> > Yeah, the more I think about it the more I agree. It's a simple
> > story - you're creating a file with ownership !you, you need
> > owner_or_cap.
>
> Stupid question --- why not create the file with ownership == you?
> It's a new inode, so this should be trivially easy to do, right?

Because then you have to change the entire security structure,
and you aren't a snapshot anymore.

Joel

--

Life's Little Instruction Book #451

"Don't be afraid to say, 'I'm sorry.'"

Joel Becker
Principal Software Developer
Oracle
E-mail: joel.becker@oracle.com
Phone: (650) 506-8127