acl-devel
[Top][All Lists]
Advanced

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

Re: [Acl-devel] acl_{set,get}_file nofollow variants


From: Mike Frysinger
Subject: Re: [Acl-devel] acl_{set,get}_file nofollow variants
Date: Sun, 21 Jan 2018 00:40:28 -0500

On 21 May 2017 11:09, Knister, Aaron S. (GSFC-606.2)[COMPUTER SCIENCE CORP] 
wrote:
> As part of a mass user id number change this past year I wrote some tools to 
> deal with updating ACLs on our half billion files/directories. In writing the 
> tool I was trying to be security conscious so I wanted a way to be able to 
> get and set ACLs on files without worrying about race conditions between a 
> stat and setxattr/getxattr should a regular file suddenly become a symlink 
> during an acl set/get operation.
> 
> I took a similar approach to what was done with acl_extended_file and 
> acl_extended_file_nofollow and moved acl_file_{get,set} to 
> __acl_file_{get,set} and added the ability to pass in the appropriate 
> stat/*xattr functions.
> 
> Here's are the changes. I'm hoping they could get merged in case they're 
> useful to others:
> 
> https://github.com/aaronknister/acl/compare/nofollow
> 
> I'm happy to e-mail a patch via git if need be but I've not done it in a 
> while so it may take me a little while.

we don't use github, so if you want patches to be reviewed/merged,
you'll need to send them here.  `git send-email` makes that easy.
-mike

Attachment: signature.asc
Description: Digital signature


reply via email to

[Prev in Thread] Current Thread [Next in Thread]