From nobody Sun Mar 09 13:24:23 2025 X-Original-To: freebsd-current@mlmmj.nyi.freebsd.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2610:1c1:1:606c::19:1]) by mlmmj.nyi.freebsd.org (Postfix) with ESMTP id 4Z9gjd2T9hz5qHxX; Sun, 09 Mar 2025 13:24:37 +0000 (UTC) (envelope-from rick.macklem@gmail.com) Received: from mail-ed1-x535.google.com (mail-ed1-x535.google.com [IPv6:2a00:1450:4864:20::535]) (using TLSv1.3 with cipher TLS_AES_128_GCM_SHA256 (128/128 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256 client-signature RSA-PSS (2048 bits) client-digest SHA256) (Client CN "smtp.gmail.com", Issuer "WR4" (verified OK)) by mx1.freebsd.org (Postfix) with ESMTPS id 4Z9gjd0KsFz3Wyc; Sun, 09 Mar 2025 13:24:37 +0000 (UTC) (envelope-from rick.macklem@gmail.com) Authentication-Results: mx1.freebsd.org; none Received: by mail-ed1-x535.google.com with SMTP id 4fb4d7f45d1cf-5e095d47a25so6179390a12.0; Sun, 09 Mar 2025 06:24:37 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20230601; t=1741526675; x=1742131475; darn=freebsd.org; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:from:to:cc:subject:date :message-id:reply-to; bh=w8SG8wP3JYr+Xt2pkT+KZorLZZv4Ku1BadGBl13rll0=; b=cZ3TrHyw4vqPYXIkVR8pdHpyPEg3ck+WFaH4JAYBYUKd3CsTkWIVtriAwp5J0f5cSS diR4KUqNxFoLalF8Kct4Dcjj8TquZ01NhchBRvOKJX1z1lzDFBwrJ6QUd68CRYFb9Sdg VpJ3XLLw+wzIxWP0cUCOao3KRFaU0KRbg2fCEzKRaKdmgkZqsGZYkuinxV5a4c2nqBzi d4iDBzmttxvyyeppDPWSGBgMxzNAe3YE/+fhYRb1CUBaQoBzJPLpHYnCxi6jK10s3UZp Of9gyPUJrcmokqQegSj0h48D7rNoZ8uN8bJMlutFlYZCJxwlt584AOAaz6lyZCsuxkSF MSZQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1741526675; x=1742131475; h=content-transfer-encoding:cc:to:subject:message-id:date:from :in-reply-to:references:mime-version:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=w8SG8wP3JYr+Xt2pkT+KZorLZZv4Ku1BadGBl13rll0=; b=Z+TRjV3VgtIz8quVD4cHg0CoD7AGTh9i1Gkge3Vb+w45BjLvIbvG6ooOxGnS5T6p3W xWhWg91Tor/HN7b6E+zmRaHsCsrgChS5SzKnljXWTv7+caDFVRM90p75Sjom4Fn4MmGo QvLYzhH3HEfEcuKczaiLnrQNvUzTfT0w6iYcBRJxdHCZ5EndmgAVXqGxJfzDYukk13fs N3P/awSAFcEaA1RWHCFeefY8KWCY2+TbLoCv6d4PLzt6pgjG8uNk0ZTf/TXxg+BgS8LY U2Ax83s5lrzEJJWgOd98Q5woQSh3DT6LEo+LBi3/bN91MyO/nTs8Sh2yBl1uxSWM9E5Y 5KXg== X-Forwarded-Encrypted: i=1; AJvYcCX+jr5RosoonW6yVZP4krbUx5905VtTP64z8HNROYKWANPW/2AON+B0Bze8NljY9OHrT08QnZzb8M1xMWQ=@freebsd.org, AJvYcCXhcHVjL/NlJtnAab2XOVEjCBlyUOL1tLXRpJhlFfbLHvv4b4/GKUFsCVI/vMQ4ptqlJc+VODMMnpn8aLp4qgfm@freebsd.org X-Gm-Message-State: AOJu0YznOoJ9HmsS49YmCc5Ln/vjpsEMJag4fYIU4YBmWYlGUQQiPwhQ xykOPJEtP0IwM6CrSJ1gi3bPpSq5Gm4FezO8BFyyP8ZLhx3rLPHrornH39n4T01+CTrkU3q/gLr daZHwTOrddDp1VnVEWhf/Z22vsg== X-Gm-Gg: ASbGnctWShw9paImHvi1QGtk3tE3oUd2hKLI6Q3/GpIg9aqrVI4WGjBUdX+P7EDuZdH iVTW4gu5aNSmug5tXR+Jv1JSXIKjft1Ltc9AESXSYmtweWozjHVBdoTFQqmqy6h5wHUua6SBlZl PTFBA+254kLOHi9cmpj1zpJVgsPP6DrQeUS5EPDZCt4dDZclGyzh7hymzNKPA= X-Google-Smtp-Source: AGHT+IF+alaNj5xwDtofXEVude+I+ZKHWsDKTiaXr1a9FsgbLS80ngD5aEa1EE5MKYzDy+zvKeZBUe3BT9xwpi0FruE= X-Received: by 2002:a05:6402:1ed3:b0:5e5:bb58:d6bd with SMTP id 4fb4d7f45d1cf-5e5e22bf4c8mr11259528a12.10.1741526674963; Sun, 09 Mar 2025 06:24:34 -0700 (PDT) List-Id: Discussions about the use of FreeBSD-current List-Archive: https://lists.freebsd.org/archives/freebsd-current List-Help: List-Post: List-Subscribe: List-Unsubscribe: Sender: owner-freebsd-current@FreeBSD.org MIME-Version: 1.0 References: In-Reply-To: From: Rick Macklem Date: Sun, 9 Mar 2025 06:24:23 -0700 X-Gm-Features: AQ5f1JpcG4Uit3Q5gPQcDTtF9NVlU5RYK-fl95n5_JYkmq1NrpRGRWH8ILU5Eqo Message-ID: Subject: Re: RFC: Solaris style extended attributes for FreeBSD To: Andrew Walker Cc: Konstantin Belousov , freebsd-arch@freebsd.org, FreeBSD CURRENT , Cedric Blancher , Lionel Cons Content-Type: text/plain; charset="UTF-8" Content-Transfer-Encoding: quoted-printable X-Rspamd-Pre-Result: action=no action; module=replies; Message is reply to one we originated X-Spamd-Result: default: False [-4.00 / 15.00]; REPLY(-4.00)[]; TAGGED_FROM(0.00)[]; TAGGED_RCPT(0.00)[]; ASN(0.00)[asn:15169, ipnet:2a00:1450::/32, country:US] X-Rspamd-Queue-Id: 4Z9gjd0KsFz3Wyc X-Spamd-Bar: ---- On Sun, Mar 9, 2025 at 5:46=E2=80=AFAM Andrew Walker wrote: > > Out of curiosity, how are you preventing users from creating / writing > xattrs with the `system?` name prefix. In ZFS on FreeBSD IIRC this > prefix is used to determine whether the corresponding attribute when > accessed via the extattr interface is in the user or system > namespaces. A couple of comments... 1 - My current thinking would be a ZFS fs would be configured for one or the other (mixing them is weird as noted by the next comment), There is currently the xattr property that can be set to "dir" or "sa"= . 2 - I haven't looked at system space FreeBSD attributes yet (I will), but when mixing them, you can get two attributes with the same name showing up in the named attribute directory (the open gets the named attribute one). I haven't yet figured out how to get rid of the duplic= ate. 3 - I assume the patch could include code that excludes "system.xxx" names from the directory. (I'll do some testing.) > I vaguely recall some people may have patched the FreeBSD > samba server for instance so that it writes security information > related into the system namespace when samba is configured as a domain > controller so some care needs to be taken with namespaces. > > You may also need to potentially restrict ones with `security.` and > `trusted.` prefixes in case the ZFS data is replicated to Linux > systems (because those are privileged namespaces and it may introduce > a CVE). Thank for the info. I didn't know what Linux does. rick