Re: [2.5.73-mm1 XFS] restrict_chown and quotas

Arjan van de Ven (arjanv@redhat.com)
25 Jun 2003 16:25:44 +0200

Messages sorted by: [ date ][ thread ][ subject ][ author ]
Next message: Yigit Can: "SPI driver"
Previous message: Lou Langholtz: "Re: [RFC][PATCH] nbd driver for 2.5+: fix locking issues with ioctl"
In reply to: Steve Lord: "Re: [2.5.73-mm1 XFS] restrict_chown and quotas"
Next in thread: Christoph Hellwig: "Re: [2.5.73-mm1 XFS] restrict_chown and quotas"
Reply: Christoph Hellwig: "Re: [2.5.73-mm1 XFS] restrict_chown and quotas"

This is a MIME-formatted message. If you see this text it means that your
E-mail software does not support MIME-formatted messages.

--=_courier-3268-1056551252-0001-2
Content-Type: text/plain
Content-Transfer-Encoding: quoted-printable

On Wed, 2003-06-25 at 15:41, Marek Habersack wrote:
> On Wed, Jun 25, 2003 at 07:51:43AM -0500, Steve Lord scribbled:
> [snip]
> > > For me both of the described situations seem to be a bug, but I mig=
ht be
> > > unaware of the rationale behind the functionality. If this is suppose=
d to be
> > > that way, maybe at least it would be better to default restrict_chown=
to
> > > enabled initially? The behavior with restrict_chown is totally differ=
ent to
> > > what users/administrators are used to and, as shown in the debian pac=
kage
> > > build case, it might cause problems in usual situations. Also the quo=
ta
> > > issue is likely to be an excellent tool for local DoS.
> > > So, am I wrong in thinking that it's a bug (or at least the quota p=
art of
> > > it) or not?
> >=20
> > Sorry about this, the defaults for the systunes have been messed up
> > recently. This is supposed to be on by default, irix_sgid_inherit
> > is on, but should be off by default.=20
> >=20
> > You can switch the behavior with /proc/sys/fs/xfs/restrict_chown
> > and irix_sgid_inherit.
> Yep, that's what I did. I was just caught by surprise discovering the new
> behavior :) and it if it was to be the default, it would have created a b=
ig
> problem for distributions compatibility-wise.
> =20
> > You can also edit xfs_globals.c to switch the default at boot time.
> > We will switch it back in the next update to Linus.
> Great, that's good enough.
> =20
> > As for the quota operation, the normal chown situation is going
> > from root to another id, and in that case, you want the quota to
> > go to the end user.=20

another question is why is this a filesystem specific option and not a
generic option ?

--=_courier-3268-1056551252-0001-2
Content-Type: application/pgp-signature; name="signature.asc"
Content-Transfer-Encoding: 7bit
Content-Description: This is a digitally signed message part

-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.2 (GNU/Linux)

iD8DBQA++bDnxULwo51rQBIRAmrrAJ40s/+kZBLziZW7Q3Io7Oe+LenjtQCeIsBb
YKBz3mbyLkU6hjdu3jGTe58=
=2tfq
-----END PGP SIGNATURE-----

--=_courier-3268-1056551252-0001-2--

Next message: Yigit Can: "SPI driver"
Previous message: Lou Langholtz: "Re: [RFC][PATCH] nbd driver for 2.5+: fix locking issues with ioctl"
In reply to: Steve Lord: "Re: [2.5.73-mm1 XFS] restrict_chown and quotas"
Next in thread: Christoph Hellwig: "Re: [2.5.73-mm1 XFS] restrict_chown and quotas"
Reply: Christoph Hellwig: "Re: [2.5.73-mm1 XFS] restrict_chown and quotas"