[PATCH] vfs module for VxFS
Andrew Bartlett
abartlet at samba.org
Mon Sep 1 17:52:49 MDT 2014
On Mon, 2014-09-01 at 01:58 -0700, Abhidnya Joshi wrote:
> Hi Andrew,
>
> Please find answers as below:
>
> 1. In your system, is there any protection to ensure that only Samba is modifying this xattr, given it has moved from the protected namespace?
> -> We have restricted access to filesystem, with only CIFS and NFS.
The concern I have is that Samba can permit access to extended
attributes directly. You have to ban them in samba_private_attr_name()
in source3/smbd/trans2.c.
While I understand your module is essentially for your own use, others
will probably copy from it, and if they don't also know to update the
samba_private_attr_name() code in trans2.c to ban access, and if their
system is more option than yours, they may unwittingly have a security
issue.
I don't have a good solution, except perhaps clear and prominent
comments, but I'm not comfortable with this in our upstream code.
Can anyone else see a better way out of this?
> 2. If that ACL is changed, but not the ACL on the children, what happens?
> ->It's copy-on-write, so parent makes its own copy. All the children keep old copy of ACL, not shared with parent. Its filesystem specific, though and hence users are not affected.
OK, thanks.
Andrew Bartlett
--
Andrew Bartlett
http://samba.org/~abartlet/
Authentication Developer, Samba Team http://samba.org
Samba Developer, Catalyst IT http://catalyst.net.nz/services/samba
More information about the samba-technical
mailing list