Date: Thu, 01 Jun 2006 16:54:14 +0900 From: Daichi GOTO <daichi@freebsd.org> To: =?ISO-8859-1?Q?Andr=E9_Braga?= <meianoite@gmail.com> Cc: ozawa@ongs.co.jp, dkirhlarov@oilspace.com, freebsd-hackers@freebsd.org, =?ISO-8859-1?Q?Dag-Erling_Sm=F8rgrav?= <des@des.no>, Daichi GOTO <daichi@freebsd.org>, freebsd-fs@freebsd.org, freebsd-current@freebsd.org, kris@obsecurity.org, Alexander Leidinger <Alexander@leidinger.net> Subject: Re: [ANN] unionfs patchset-13 release Message-ID: <447E9D26.3060800@freebsd.org> In-Reply-To: <2ad73a0605311125h7ac8a927t33bbfadf9fe18c33@mail.gmail.com> References: <E1F5gbI-000Eea-B7@cs1.cs.huji.ac.il> <43E73330.8070101@freebsd.org> <43EB4C00.2030101@freebsd.org> <4417DD8D.3050201@freebsd.org> <4433CA53.5050000@freebsd.org> <444E13BA.8050902@freebsd.org> <4475C119.1020305@freebsd.org> <447C919B.20303@freebsd.org> <86bqteikj4.fsf@xps.des.no> <20060531133814.acykloyqhkcccg80@netchild.homeip.net> <2ad73a0605311125h7ac8a927t33bbfadf9fe18c33@mail.gmail.com>
next in thread | previous in thread | raw e-mail | index | archive | help
André Braga wrote: > A post scriptum to the original message: > The buggy behaviour won't affect the host system, but the jail could > well be compromised. I also have this feeling that ACLs also aren't > respected inside jails or can be overwritten as easily as shown below > > Thanks, > André for all folks who have deep consideration of FS: We do not know well around MAC and ACL. Someone knows well around those, please teach us. Does MAC have a information of schg of chflags? for all folks who have deep consideration of FS: part2 Yeah, it is possible to make capability for setting the ALC and MAC information to the upper layer of the unionfs. With that, we must consider the policy that what information should be copied to shadow file when it makes shadow file. Without the policy, we cannot make it. We want to know your opinions if you have deep consideration of it. What do you make of it? -- Daichi GOTO, http://people.freebsd.org/~daichi
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?447E9D26.3060800>