[Devel] [PATCH 2/2] xattr: allow to set trusted.xxx for container admin
Pavel Tikhomirov
ptikhomirov at virtuozzo.com
Wed Sep 7 12:13:50 PDT 2016
It seem to be used in shmemfs(shmem_listxattr) and cgroupfs(cgroupfs_listxattr) only, and every fs has its own list method, and some do not have capable() check.
Best regards, Tikhomirov Pavel
Software Developer, Virtuozzo.
________________________________________
От: Konstantin Khorenko
Отправлено: 7 сентября 2016 г. 19:41:31
Кому: Pavel Tikhomirov
Копия: devel at openvz.org
Тема: Re: [PATCH 2/2] xattr: allow to set trusted.xxx for container admin
On 09/06/2016 07:29 PM, Pavel Tikhomirov wrote:
> Attributes trusted.xxx are used in userspace mechanisms
> which want to keep information in extended attributes to
> which ordinary process has no access.
>
> We can't check them all, but here is hope that such
> mechanisms on host and in CT won't intersect, because
> most likely we won't find the process from host which
> sets xattrs on container files through /vz/root/<ctid>,
> except the case with trusted.pfcache which is covered in
> previous patch.
>
> https://jira.sw.ru/browse/PSBM-51102
> Signed-off-by: Pavel Tikhomirov <ptikhomirov at virtuozzo.com>
> ---
> fs/xattr.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/fs/xattr.c b/fs/xattr.c
> index 3377dff..d49ea1b 100644
> --- a/fs/xattr.c
> +++ b/fs/xattr.c
> @@ -52,7 +52,7 @@ xattr_permission(struct inode *inode, const char *name, int mask)
> * The trusted.* namespace can only be accessed by privileged users.
> */
> if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) {
> - if (!capable(CAP_SYS_ADMIN))
> + if (!ve_capable(CAP_SYS_ADMIN))
> return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
> return 0;
> }
>
why don't we need the same capable() -> ve_capable() in simple_xattr_list()?
More information about the Devel
mailing list