]> git.itanic.dy.fi Git - linux-stable/commit
projects / linux-stable / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 0a99364) | patch
ovl: filter trusted xattr for non-admin
authorMiklos Szeredi <mszeredi@redhat.com>
Mon, 29 May 2017 13:15:27 +0000 (15:15 +0200)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Fri, 13 Apr 2018 17:52:16 +0000 (19:52 +0200)
commit4bcc9b4b3a0a0fcf269558db8bc54cc9586f585f
tree041051a5ccf400d00c0df0c5424943386b35b67etree | snapshot
parent0a9936458980e73306980539949a7d700eb700c1commit | diff
ovl: filter trusted xattr for non-admin

[ Upstream commit a082c6f680da298cf075886ff032f32ccb7c5e1a ]

Filesystems filter out extended attributes in the "trusted." domain for
unprivlieged callers.

Overlay calls underlying filesystem's method with elevated privs, so need
to do the filtering in overlayfs too.

Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
Signed-off-by: Sasha Levin <alexander.levin@microsoft.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
fs/overlayfs/inode.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.