Are extended attributes data or meta-data?
Peter Jeremy
peter at rulingia.com
Fri Nov 8 23:45:15 UTC 2013
I've been getting regular error messages logged by afpd:
Nov 9 00:00:19 server afpd[1966]: sys_getextattr_size: error: Permission denied
I have spent some time digging into it and it's triggered by
extattr_get_link(2) returning EACCESS because a file is not readable,
but stat(2) on the file succeeded.
According to extattr(2), "[n]amed extended attributes are meta-data
associated with vnodes" but the actual code for VOP_GETEXTATTR() (at least
for ufs & zfs) checks for VREAD access, whereas the VOP_GETATTR() call
(used by stat(2)) doesn't include any access checks (so stat(2) will
succeed unless namei() fails).
IMHO, this behaviour is inconsistent: The extended attributes are
documented as "meta-data" and but the access checks are for "data".
Which is correct?
--
Peter Jeremy
-------------- next part --------------
A non-text attachment was scrubbed...
Name: not available
Type: application/pgp-signature
Size: 326 bytes
Desc: not available
URL: <http://lists.freebsd.org/pipermail/freebsd-hackers/attachments/20131109/bb5a9cd7/attachment.sig>
More information about the freebsd-hackers
mailing list