[PATCH] security: Use org namespace for xattrs on macOS
mprivozn at redhat.com
Wed Oct 28 19:25:46 UTC 2020
On 10/28/20 8:16 PM, Andrea Bolognani wrote:
> On Mon, 2020-10-26 at 00:25 +0300, Roman Bolshakov wrote:
>> There're no guidelines on what namespace should be used but it seems
>> thirdparty apps can select the one they like , i.e. freedekstop
>> xattrs are prefixed with xdg.
>> qemusecuritytest passes after that.
>> 1. https://www.freedesktop.org/wiki/CommonExtendedAttributes/
>> Signed-off-by: Roman Bolshakov <r.bolshakov at yadro.com>
>> src/security/security_util.c | 2 ++
>> 1 file changed, 2 insertions(+)
>> diff --git a/src/security/security_util.c b/src/security/security_util.c
>> index 7fa5163fe4..5d50acb574 100644
>> --- a/src/security/security_util.c
>> +++ b/src/security/security_util.c
>> @@ -56,6 +56,8 @@ VIR_LOG_INIT("security.security_util");
>> # define XATTR_NAMESPACE "trusted"
>> #elif defined(__FreeBSD__)
>> # define XATTR_NAMESPACE "system"
>> +#elif defined(__APPLE__)
>> +# define XATTR_NAMESPACE "org"
> Considering that Apple uses com.apple for its own xattrs, libvirt
> using org.libvirt makes sense to me.
One thing to consider here (and my rough googling did not help) is that
we need the namespace to be RW only by root. If it were writable by a
regular user (e.g "user." on linux) then a regular user could trick us
to chown() the file to whatever user they please. Is "org" (and per your
commit message in fact any XATTR namespace, since it doesn't look like
mac os has any notion of namespaces after all) writable by root only?
More information about the libvir-list