[RFC] vfs_nfs4acl_xattr NFS4.1 support, support for XDR encoding and more...
Jeremy Allison
jra at samba.org
Tue Nov 7 21:47:33 UTC 2017
On Tue, Nov 07, 2017 at 01:16:27PM +0100, Ralph Böhme wrote:
> On Mon, Nov 06, 2017 at 04:26:13PM -0800, Jeremy Allison wrote:
> > On Thu, Nov 02, 2017 at 07:44:21PM +0100, Ralph Böhme via samba-technical wrote:
> > > On Thu, Nov 02, 2017 at 11:56:23AM +0100, Ralph Böhme wrote:
> > > > Ok, I'll then follow-up with a patchset that changes the ACL version to 4.1 and
> > > > the xattr name to "security.nfs4acl_ndr" instead of "security.nfs4acl".
> > >
> > > attached.
> > >
> > > Please review & push if happy. Thanks!
> >
> > Doing a thorough review on this.
> >
> > One quick question - the default for
> >
> > nfs4acl_xattr:default acl style
> >
> > is everyone. That's the least secure one.
> >
> > Why was that chosen ? Did I miss or forget
> > the discussion ?
>
> that's just the current behaviour of the unpatched module...
OK, RB+ and pushed with just one change, in make_default_acl_everyone()
you had:
struct security_ace aces[4];
which was cut-n-paste left over - we are only adding one
ace here so it should be:
struct security_ace aces[1];
Cheers !
Jeremy.
More information about the samba-technical
mailing list