Re: [PATCH] Extended attribute fixes, etc.

From: Andreas Gruenbacher (
Date: Sat Feb 15 2003 - 14:17:03 EST

On Saturday 15 February 2003 19:39, Christoph Hellwig wrote:
> On Sat, Feb 15, 2003 at 06:59:11PM +0100, Andreas Gruenbacher wrote:
> > > Please don't do the ugly flags stuff. We have fsuids and fsgids
> > > for exactly that reason (and because we're still lacking a
> > > credentials cache..).
> >
> > The XATTR_KERNEL_CONTEXT flag cannot be substituted by a uid/gid
> > change; it is unrelated to that; that's the whole point of it. It
> > would be possible to raise some other flag (such as a capability,
> > etc.) instead of passing an explicit flag, but that seems uglier
> > and more problematic/error prone to me.
> Then raise CAP_DAC_OVERRIDE. The right thing would be to pass down a
> struct cred, so we could pass down the magic sys_cred that allows all
> access (look at the XFS ACL code for details on that..), but
> unfortuantately we still don't have proper credentials although there
> were numerous patches around in the last years and we really want it
> for other reasons.

That sounds quite reasonable. I would have to raise CAP_SYS_ADMIN for
trusted EA's, though. Do you see any potential side effects while a
pretty powerful capability like CAP_SYS_ADMIN is temporarily raised?

> Magic flags that change the DAC checks work are ugly and will most
> certainly lead to bugs in some implementations sooner or later.



To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to
More majordomo info at
Please read the FAQ at

This archive was generated by hypermail 2b29 : Sat Feb 15 2003 - 22:01:03 EST