Date: Sat, 3 Aug 2024 10:10:05 -0600 From: Alan Somers <asomers@freebsd.org> To: Shawn Webb <shawn.webb@hardenedbsd.org> Cc: Jamie Landeg-Jones <jamie@catflap.org>, freebsd-hackers@freebsd.org Subject: Re: RFC: ACLs on fusefs Message-ID: <CAOtMX2gBrEO0NdoUkLPJQ8M81DmPwhRuSxuRkJuf=H1JwOn7WQ@mail.gmail.com> In-Reply-To: <drs3qfdinxk4siilsayycgp6imlzkmtxihhvtyhw3bssyszjgh@v7v4cav4ibcx> References: <CAOtMX2jska_8yG0tf31nEFDQCkQODim8yLBt2qRQ4LbBVc8ZAQ@mail.gmail.com> <202408030413.4734D5gd042998@donotpassgo.dyslexicfish.net> <CAOtMX2gHnNna_o6ig23PEPabWnQzPvQe-N8N%2BV8CAdsY-AzCBQ@mail.gmail.com> <drs3qfdinxk4siilsayycgp6imlzkmtxihhvtyhw3bssyszjgh@v7v4cav4ibcx>
next in thread | previous in thread | raw e-mail | index | archive | help
On Sat, Aug 3, 2024 at 10:00=E2=80=AFAM Shawn Webb <shawn.webb@hardenedbsd.= org> wrote: > > On Sat, Aug 03, 2024 at 09:03:38AM -0600, Alan Somers wrote: > > On Fri, Aug 2, 2024 at 10:13=E2=80=AFPM Jamie Landeg-Jones <jamie@catfl= ap.org> wrote: > > > > > > Alan Somers <asomers@FreeBSD.org> wrote: > > > > > > > TLDR; > > > > how useful would it be if fusefs(4) could support ACLs? > > > > > > I, personally, don't use ACLs generally, so have not missed them on > > > fusefs. > > > > > > However, I do make extensive use of XATTRs, so those are what I've > > > really missed. > > > > > > I didn't know xatrs were now supported - is that a new thing, or mayb= e > > > the client I use (borgs sshfs implementation) needs to be updated? > > > > > > Cheers, Jamie > > > > Our fusefs has supported xattrs for a long time. But the specific > > fuse file system needs support too. Looking right now, I don't see > > any support in sysutils/fusefs-sshfs . > > In fact, I have a (significantly buggy) proof-of-concept fusefs server > that stores file payload data as extended attributes. Since the tar > file format supports extended attributes, this makes data exfiltration > somewhat easier. > > Though, I suppose, since my proof-of-concept is buggy, using my > solution would make data exfil somewhat more difficult. ;-) > > Hopefully someday, I'll have the time to finish the PoC and make it > usable for production. > > PoC code: https://git.hardenedbsd.org/shawn.webb/altfs That's interesting. It looks like the opposite of what Tomoaki was describing. What's the intended application? Is it like a sort of unionfs, used to place a second file system on-top of an existing one?
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?CAOtMX2gBrEO0NdoUkLPJQ8M81DmPwhRuSxuRkJuf=H1JwOn7WQ>