André Braga wrote: > A post scriptum to the original message: > The buggy behaviour won't affect the host system, but the jail could > well be compromised. I also have this feeling that ACLs also aren't > respected inside jails or can be overwritten as easily as shown below > > Thanks, > André for all folks who have deep consideration of FS: We do not know well around MAC and ACL. Someone knows well around those, please teach us. Does MAC have a information of schg of chflags? for all folks who have deep consideration of FS: part2 Yeah, it is possible to make capability for setting the ALC and MAC information to the upper layer of the unionfs. With that, we must consider the policy that what information should be copied to shadow file when it makes shadow file. Without the policy, we cannot make it. We want to know your opinions if you have deep consideration of it. What do you make of it? -- Daichi GOTO, http://people.freebsd.org/~daichiReceived on Thu Jun 01 2006 - 05:54:18 UTC
This archive was generated by hypermail 2.4.0 : Wed May 19 2021 - 11:38:56 UTC