Extended attribute interfaces
Casey Schaufler
casey at sgi.com
Thu Sep 21 16:14:04 GMT 2000
Andreas Gruenbacher wrote:
> > What I had in mind was whether privilege allowed violation of the normal
> > restricted system EAs.
>
> Like setting an invalid ACL? For Posix.1e the rules are well defined who
> is allowed to change which information when; these rules should not be
> allowed to be bypassed at all.
Consider a backup system which uses its own system attribute
which contains the time of last backup, $tolb. There
isn't a CAP_TOLB_OVERRIDE. What capability should the backup
system have? CAP_EXT_ATTR would make sense, but how do you
prevent the backup system from setting ACLs? (I'm intentionally
ignoring the fact that you'd want that facility sometimes, BTW)
--
Casey Schaufler Manager, Trust Technology, SGI
casey at sgi.com voice: 650.933.1634
casey_p at pager.sgi.com Pager: 888.220.0607
To Unsubscribe: send mail to majordomo at cyrus.watson.org
with "unsubscribe posix1e" in the body of the message
More information about the posix1e
mailing list