[Virtio-fs] [virtiofsd] Issue opened: Implement support for storing security info in extended attributes

virtiofs-bot at sinrega.org
Wed Oct 19 14:59:58 UTC 2022


Some users cannot use user namespaces for uid/gid mapping. Storing the security information (i.e., uid, gid, umask, etc.) in extended attributes will provide functionality similar (although partial) to that of user namespaces.

Features that will not work:
- POSIX ACLs: killpriv_v2 has no clear boundary between what should be done in the guest and host, so we still rely on the host for certain actions.


Features that probably will not work:
- SELinux support
- file capabilities
---
https://gitlab.com/virtio-fs/virtiofsd/-/issues/65


