From: Austin S Hemmelgarn <ahferroin7-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
To: Andreas Gruenbacher <agruenba-H+wXaHxf7aLQT0dZR+AlfA@public.gmane.org>
Cc: Alexander Viro
<viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org>,
Theodore Ts'o <tytso-3s7WtUTddSA@public.gmane.org>,
Andreas Dilger
<adilger.kernel-m1MBpc4rdrD3fQ9qLvQP4Q@public.gmane.org>,
"J. Bruce Fields"
<bfields-uC3wQj2KruNg9hUCZPvPmw@public.gmane.org>,
Jeff Layton <jlayton-vpEMnDpepFuMZCB2o+C8xQ@public.gmane.org>,
Trond Myklebust
<trond.myklebust-7I+n7zu2hftEKMMhf/gKZA@public.gmane.org>,
Anna Schumaker
<anna.schumaker-HgOvQuBEEgTQT0dZR+AlfA@public.gmane.org>,
Dave Chinner <david-FqsqvQoI3Ljby3iVrkZq2A@public.gmane.org>,
linux-ext4 <linux-ext4-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
xfs-VZNHf3L845pBDgjK7y7TUQ@public.gmane.org,
LKML <linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
linux-fsdevel
<linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
Linux NFS Mailing List
<linux-nfs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
linux-cifs-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
Linux API <linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org>,
"Aneesh Kumar K.V"
<aneesh.kumar-23VcF4HTsmIX0ybBhKVfKdBPR1lH4CV8@public.gmane.org>
Subject: Re: [PATCH v11 21/48] ext4: Add richacl feature flag
Date: Mon, 19 Oct 2015 09:16:48 -0400
Message-ID: <5624ED40.7040206@gmail.com>
In-Reply-To: <CAHc6FU7sR2zN-K3un74wCv+1NPnrqJ=LYiWo+YQ_2X0kopyoTQ-JsoAwUIsXosN+BqQ9rBEUg@public.gmane.org>
On 2015-10-16 13:41, Andreas Gruenbacher wrote:
> On Fri, Oct 16, 2015 at 7:31 PM, Austin S Hemmelgarn
> <ahferroin7-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org> wrote:
>> I would like to re-iterate, on both XFS and ext4, I _really_ think this
>> should be a ro_compat flag, and not an incompat one. If a person has the
>> ability to mount the FS (even if it's a read-only mount), then they by
>> definition have read access to the file or partition that the filesystem is
>> contained in, which means that any ACL's stored on the filesystem are
>> functionally irrelevant,
>
> It is unfortunately not safe to make such a file system accessible to
> other users, so the feature is not strictly read-only compatible.
>
OK, seeing as I wasn't particularly clear as to why I object to this in
my other e-mail, let's try this again.
Can you please explain exactly why it isn't safe to make such a
filesystem accessible to other users? Because that _really_ sounds to
me like you are trying to rely on this being un-mountable on a kernel
that doesn't support richacls to try and provide the illusion of better
security.
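For context on the ro_compat versus incompat question raised in this message, the following added example (not part of the e-mail or the patch series) shows how a kernel treats unknown bits in each of the three ext4 superblock feature words. `DEMO_FEATURE_RICHACL` and the two `OLD_KERNEL_*` masks are constructed placeholders, not values taken from the patch.

```c
#include <stdint.h>
#include <stdio.h>

/* Most permissive mount a kernel may grant for a given superblock. */
enum mount_result { MOUNT_RW, MOUNT_RO_ONLY, MOUNT_REFUSED };

/* The three feature words carried in an ext4 superblock. */
struct sb_features {
    uint32_t compat;    /* unknown bits are ignored */
    uint32_t ro_compat; /* unknown bits permit read-only mounts only */
    uint32_t incompat;  /* unknown bits make the kernel refuse the mount */
};

/* Placeholder bit for this example; not the value used by the patch. */
#define DEMO_FEATURE_RICHACL 0x80000000u
/* Constructed masks standing in for a kernel without richacl support. */
#define OLD_KERNEL_RO_COMPAT 0x00000003u
#define OLD_KERNEL_INCOMPAT  0x00000042u

enum mount_result check_features(const struct sb_features *sb,
                                 uint32_t known_ro_compat,
                                 uint32_t known_incompat)
{
    if (sb->incompat & ~known_incompat)
        return MOUNT_REFUSED;   /* unknown incompat feature */
    if (sb->ro_compat & ~known_ro_compat)
        return MOUNT_RO_ONLY;   /* unknown ro_compat feature */
    return MOUNT_RW;            /* unknown compat bits never block */
}

/* Old kernel's verdict with the richacl bit placed in either word. */
enum mount_result old_kernel_verdict(int richacl_is_incompat)
{
    struct sb_features sb = { 0, 0x00000001u, 0x00000042u };
    if (richacl_is_incompat)
        sb.incompat |= DEMO_FEATURE_RICHACL;
    else
        sb.ro_compat |= DEMO_FEATURE_RICHACL;
    return check_features(&sb, OLD_KERNEL_RO_COMPAT, OLD_KERNEL_INCOMPAT);
}

int main(void)
{
    static const char *names[] = { "read-write", "read-only only", "refused" };
    printf("richacl as incompat:  %s\n", names[old_kernel_verdict(1)]);
    printf("richacl as ro_compat: %s\n", names[old_kernel_verdict(0)]);
    return 0;
}
```

With the bit in the incompat word the older kernel refuses the mount outright; with it in the ro_compat word the same kernel still allows a read-only mount, which is the case the two sides of this thread disagree about.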