author | Richard W.M. Jones <rjones@redhat.com> | 2012-11-15 15:35:25 +0000 |
---|---|---|
committer | Richard W.M. Jones <rjones@redhat.com> | 2012-11-15 15:35:46 +0000 |
commit | 2f321ced219eeff9a2df305fd8a621c03875893f (patch) | |
tree | 7783c0e9e3b6233e9fa8dd8a6ad19b5badc1ae29 | |
parent | a41629deb965830788d6b531272a0a20767e2ce6 (diff) | |
todo: We must implement ACLs and filesystem capabilities for SCAP.
Thanks Steve Grubb.
-rw-r--r-- | TODO | 24 |
1 files changed, 23 insertions, 1 deletions
@@ -48,7 +48,6 @@ Ideas for extra commands General glibc / core programs: chgrp - setfacl, getfacl ext2 properties: badblocks @@ -588,3 +587,26 @@ is very poorly designed and essentially impossible for us to use: particularly if we also want to maintain backwards compatibility with Ruby 1.8, and/or maintain volatile VALUEs on the stack. + +ACLs and capabilities +--------------------- + +We need to model both filesystem ACLs and filesystem capabilities +through the API. This is particularly important in order to be able +to implement SCAP. + +ACLs can be read and written using the acl(5) library and the +functions like acl_set_file(3) etc. + +Setting the ACL on a file sets the extended attribute +'system.posix_acl_access' to a binary blob. The kernel has a whole +bunch of complex code that seems to interpret these +(linux/fs/posix_acl.c). + +Filesystem capabilities can be read and written using the libcap(3) +library and functions like cap_get_file, cap_set_file. + +Setting fs capabilities on a file sets the extended attribute +'security.capability' to a binary blob. These are implemented using a +Linux Security Module (security/capability.c) and presumably by +something in exec, but I couldn't see exactly how this works. |
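Review bot: In the first hunk (under "General glibc / core programs"), the entry "setfacl, getfacl" is deleted, but the new "ACLs and capabilities" section never mentions those commands, so a reader of the TODO cannot tell that the removed idea was folded into the new section rather than dropped. Add one sentence to the new section saying it replaces the setfacl/getfacl entry, and mention the removal in the commit message, which currently only describes the addition.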
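Review bot: In the second hunk, the ACLs paragraph refers to "the acl(5) library" while the function it cites is a section 3 page (acl_set_file(3)); a section 5 page is not a library, so name the library itself (libacl) to make the dependency unambiguous. The closing sentence "but I couldn't see exactly how this works" leaves the exec-time handling of 'security.capability' as an unresolved question inside the design note; mark it as an explicit open item to investigate before the API is designed. Both attributes are described only as "a binary blob", so the section should also state whether the API is meant to expose the raw extended attribute value or parsed entries, since that decides what an SCAP check can actually compare.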