From mboxrd@z Thu Jan 1 00:00:00 1970
Return-Path:
Received: from mail-yb1-f195.google.com ([209.85.219.195]:41421 "EHLO
        mail-yb1-f195.google.com" rhost-flags-OK-OK-OK-OK)
        by vger.kernel.org with ESMTP id S1725854AbfDHGVA (ORCPT );
        Mon, 8 Apr 2019 02:21:00 -0400
MIME-Version: 1.0
References: <155466882175.633834.15261194784129614735.stgit@magnolia>
        <155466884962.633834.14320700092446721044.stgit@magnolia>
In-Reply-To: <155466884962.633834.14320700092446721044.stgit@magnolia>
From: Amir Goldstein
Date: Mon, 8 Apr 2019 09:20:47 +0300
Message-ID:
Subject: Re: [PATCH 4/4] xfs: don't allow most setxattr to immutable files
Content-Type: text/plain; charset="UTF-8"
Sender: linux-xfs-owner@vger.kernel.org
List-ID:
List-Id: xfs
To: "Darrick J. Wong"
Cc: Dave Chinner, linux-xfs, Linux MM, linux-fsdevel, Ext4, Linux Btrfs

On Sun, Apr 7, 2019 at 11:28 PM Darrick J. Wong wrote:
>
> From: Darrick J. Wong
>
> The chattr manpage has this to say about immutable files:
>
> "A file with the 'i' attribute cannot be modified: it cannot be deleted
> or renamed, no link can be created to this file, most of the file's
> metadata can not be modified, and the file can not be opened in write
> mode."
>
> However, we don't actually check the immutable flag in the setattr code,
> which means that we can update project ids and extent size hints on
> supposedly immutable files.  Therefore, reject a setattr call on an
> immutable file except for the case where we're trying to unset
> IMMUTABLE.
>
> Signed-off-by: Darrick J. Wong

Did you miss my comment on v1, or do you not think this use case
is going to hurt any application that is not a rootkit?

chattr +i foo => OK
chattr +i foo => -EPERM

Thanks,
Amir.