Date: Sat, 2 Sep 2000 16:33:31 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: Re: cvs commit: src/sys/ufs/ufs extattr.h ufs_extattr.c src/usr.sbin/extattrctl extattrctl.8 extattrctl.c Message-ID: <Pine.NEB.3.96L.1000902163235.60028A-100000@fledge.watson.org> In-Reply-To: <200009022031.NAA71259@freefall.freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
Just to let all know -- this is in line with the protection models for extended attributes in IRIX/TRIX, as well as the Linux EA patches. There was fairly extensive discussion of this model on the POSIX.1e mailing list, and in other related forums (linux-privs, acl-devel, et al). Robert N M Watson robert@fledge.watson.org http://www.watson.org/~robert/ PGP key fingerprint: AF B5 5F FF A6 4A 79 37 ED 5F 55 E9 58 04 6A B1 TIS Labs at Network Associates, Safeport Network Services On Sat, 2 Sep 2000, Robert Watson wrote: > rwatson 2000/09/02 13:31:26 PDT > > Modified files: > sys/ufs/ufs extattr.h ufs_extattr.c > usr.sbin/extattrctl extattrctl.8 extattrctl.c > Log: > Modify extended attribute protection model to authorize based on > attribute namespace and DAC protection on file: > - Attribute names beginning with '$' are in the system namespace > - The attribute name "$" is reserved > - System namespace attributes may only be read/set by suser() > or by kernel (cred == NULL) > - Other attribute names are in the application namespace > - The attribute name "" is reserved > - Application namespace attributes are protected in the manner > of the target file permission > > o Kernel changes > - Add ufs_extattr_valid_attrname() to check whether the requested > attribute "set" or "enable" is appropriate (i.e., non-reserved) > - Modify ufs_extattr_credcheck() to accept target file vnode, not > to take inode uid > - Modify ufs_extattr_credcheck() to check namespace, then enforce > either kernel/suser for system namespace, or vaccess() for > application namespace > o EA backing file format changes > - Remove permission fields from extended attribute backing file > header > - Bump extended attribute backing file header version to 3 > o Update extattrctl.c and extattrctl.8 > - Remove now deprecated -r and -w arguments to initattr, as > permissions are now implicit > - (unrelated) fix error reporting and unlinking during failed > initattr to remove duplicate/inaccurate error messages, and to > only unlink if the failure wasn't in the backing file open() > > Obtained from: TrustedBSD Project > > Revision Changes Path > 1.8 +2 -4 src/sys/ufs/ufs/extattr.h > 1.9 +60 -41 src/sys/ufs/ufs/ufs_extattr.c > 1.7 +4 -28 src/usr.sbin/extattrctl/extattrctl.8 > 1.6 +16 -50 src/usr.sbin/extattrctl/extattrctl.c > > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1000902163235.60028A-100000>