[Ocfs2-devel] [patch 02/28] ocfs2: trusted xattr missing CAP_SYS_ADMIN check
Mark Fasheh
mfasheh at suse.de
Fri Aug 28 16:03:36 PDT 2015
On Wed, Aug 26, 2015 at 03:11:24PM -0700, Andrew Morton wrote:
> From: Sanidhya Kashyap <sanidhya.gatech at gmail.com>
> Subject: ocfs2: trusted xattr missing CAP_SYS_ADMIN check
>
> The trusted extended attributes are only visible to the process which hvae
> CAP_SYS_ADMIN capability but the check is missing in ocfs2 xattr_handler
> trusted list. The check is important because this will be used for
> implementing mechanisms in the userspace for which other ordinary
> processes should not have access to.
>
> Signed-off-by: Sanidhya Kashyap <sanidhya.gatech at gmail.com>
> Cc: Mark Fasheh <mfasheh at suse.com>
> Cc: Joel Becker <jlbec at evilplan.org>
> Cc: Taesoo kim <taesoo at gatech.edu>
> Signed-off-by: Andrew Morton <akpm at linux-foundation.org>
Reviewed-by: Mark Fasheh <mfasheh at suse.de>
--
Mark Fasheh
More information about the Ocfs2-devel
mailing list