We should be able to control access to file metadata (e.g. `chmod`, `chgrp`, `setxattr`, `getxattr`, `utime`). Some path-based LSM hooks make it possible to control a subset of these modifications, but we should provide users a safe and simple way to group these accesses, like with the following access rights:

- `LANDLOCK_ACCESS_FS_READ_METADATA`: read any file/dir metadata;
- `LANDLOCK_ACCESS_FS_WRITE_SAFE_METADATA`: change file times, user xattr;
- `LANDLOCK_ACCESS_FS_WRITE_UNSAFE_METADATA`: interpreted by the kernel, mostly xattr/chmod/chown that could change non-Landlock DAC or MAC, which could be considered as a policy bypass, or other various xattr that might be interpreted by filesystems. This should be denied most of the time.

This work depends on #9.

See https://lore.kernel.org/all/Ywpw66EYRDTQIyTx@nuc/