[Virtio-fs] [RFC PATCH 0/5] fuse: Implement FUSE_HANDLE_KILLPRIV_V2 and enable SB_NOSEC
Miklos Szeredi
miklos at szeredi.hu
Fri Aug 21 14:46:44 UTC 2020
On Fri, Jul 24, 2020 at 8:38 PM Vivek Goyal <vgoyal at redhat.com> wrote:
> If you are concerned about regression w.r.t clear of caps, then we
> can think of enabling SB_NOSEC conditionally. Say user chooses it
> as mount option. But given caps is just an outlier and currently
> we clear suid/sgid based on cache (and not based on state on server),
> I feel it might not be a huge issue.
>
> What do you think?
I think enabling xattr caching should be a separate feature, and yes,
SB_NOSEC would effectively enable xattr caching.
We could add the FUSE_CACHE_XATTR feature flag without actually adding
real caching, just SB_NOSEC...
Does that sound sane?
Thanks,
Miklos
More information about the Virtio-fs
mailing list