| 1 |
On 29/01/2013 13:14, Duncan wrote: |
| 2 |
> For at least reiserfs, and presumably for ext4, since it has |
| 3 |
> similar kconfig options, *_FS_XATTR isn't enough, |
| 4 |
> *_FS_SECURITY must be enabled as well. |
| 5 |
|
| 6 |
Good point, even I forgot that it's part of security labels rather than |
| 7 |
xattr strict (funnily enough, PaX wasn't last time I checked). |
| 8 |
|
| 9 |
> Unfortunately, kernel-help for *_FS_SECURITY implies that it only needs |
| 10 |
> to be enabled for SELinux or the like, recommending that it be disabled |
| 11 |
> if you're not running such modules. Is it worth filing an upstream |
| 12 |
> mainline kernel bug on that as well, suggesting that it mention file-caps |
| 13 |
> as well? |
| 14 |
|
| 15 |
Most likely a good idea. |
| 16 |
|
| 17 |
-- |
| 18 |
Diego Elio Pettenò — Flameeyes |
| 19 |
flameeyes@×××××××××.eu — http://blog.flameeyes.eu/ |
Archives