extended file attributes on external devices

Alexander Boström abo at kth.se
Wed Mar 5 20:57:28 UTC 2008


ons 2008-03-05 klockan 10:09 -0500 skrev Colin Walters:
> On Tue, 2008-03-04 at 17:35 -0600, Callum Lerwick wrote:
> 
> > 
> > For what its worth, OSX handles this with its "user 99":
> > 
> > http://unixjunkie.blogspot.com/2007/03/user-99-unknown.html
> 
> That's an interesting hack.  My guess is a change like that would be
> unlikely to get into the Linux kernel, but I wonder if one could do
> something similar in userspace with FUSE and thus avoid having it impact
> the kernel security model.

If the kernel people are sceptical about magic like "map user 99 to the
uid of the user calling stat()" then perhaps it would be better to
extend ext3 to map user 99 back and forth to whatever uid was given as
mount option uid99=xxx and then have the automount magic set that option
to the current desktop user as per usual. Then it would be a filesystem
specific thing.


Another approach: Give ext3 an option (set in the superblock) to
"downgrade" to a permissions-less state similar to how ISO9660 and FAT
is handled.

Basically, it would just store file and directories as "readable",
"writable" or "executable" and then have mount-time options for setting
uid/gid and masking the mode.

Would that be utterly confusing for software and people? Should one call
it something else than ext3?

The actual on-disk format could be just uid=0, gid=0 and
mask=0400/0600/0700, and thus safe to mount on any machine where you at
least trust root, even if it doesn't have the extra mount options.

/abo




More information about the fedora-devel-list mailing list