1. 17 10月, 2017 1 次提交
  2. 12 10月, 2017 1 次提交
  3. 17 5月, 2017 1 次提交
    • D
      xfs: only return detailed fsmap info if the caller has CAP_SYS_ADMIN · ea9a46e1
      Darrick J. Wong 提交于
      There were a number of handwaving complaints that one could "possibly"
      use inode numbers and extent maps to fingerprint a filesystem hosting
      multiple containers and somehow use the information to guess at the
      contents of other containers and attack them.  Despite the total lack of
      any demonstration that this is actually possible, it's easier to
      restrict access now and broaden it later, so use the rmapbt fsmap
      backends only if the caller has CAP_SYS_ADMIN.  Unprivileged users will
      just have to make do with only getting the free space and static
      metadata placement information.
      Signed-off-by: NDarrick J. Wong <darrick.wong@oracle.com>
      Reviewed-by: NCarlos Maiolino <cmaiolino@redhat.com>
      ea9a46e1
  4. 26 4月, 2017 1 次提交
  5. 04 4月, 2017 3 次提交