|
From: | Knister, Aaron S. (GSFC-606.2)[COMPUTER SCIENCE CORP] |
Subject: | [Acl-devel] acl_{set,get}_file nofollow variants |
Date: | Sun, 21 May 2017 11:09:54 +0000 |
Dear ACL devs,
As part of a mass user id number change this past year I wrote some tools to deal with updating ACLs on our half billion files/directories. In writing the tool I was trying to be security conscious so I wanted a way to be
able to get and set ACLs on files without worrying about race conditions between a stat and setxattr/getxattr should a regular file suddenly become a symlink during an acl set/get operation.
I took a similar approach to what was done with acl_extended_file and acl_extended_file_nofollow and moved acl_file_{get,set} to __acl_file_{get,set} and added the ability to pass in the appropriate stat/*xattr functions.
Here's are the changes. I'm hoping they could get merged in case they're useful to others:
I'm happy to e-mail a patch via git if need be but I've not done it in a while so it may take me a little while.
-Aaron
ps libacl worked great for me! Thanks for a great library.
|
[Prev in Thread] | Current Thread | [Next in Thread] |