TheCloud/fuse-overlayfs
1
0
Fork 0
mirror of https://github.com/containers/fuse-overlayfs.git synced 2025-08-04 02:15:58 -04:00
Code Issues Packages Projects Releases Wiki Activity

main: block setting the user.containers. xattr

Browse Source 
it is reserved for internal usage with containers/storage.

Signed-off-by: Giuseppe Scrivano <gscrivan@redhat.com>
This commit is contained in:
Giuseppe Scrivano 2020-11-07 12:08:12 +01:00
parent 15a04643b8
commit a513d3de66
No known key found for this signature in database
GPG Key ID: E4730F97F60286ED
1 changed files with 2 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3
main.c
View File

@ -136,6 +136,7 @@ open_by_handle_at (int mount_fd, struct file_handle *handle, int flags)
#define XATTR_PREFIX "user.fuseoverlayfs." #define XATTR_PREFIX "user.fuseoverlayfs."
#define ORIGIN_XATTR "user.fuseoverlayfs.origin" #define ORIGIN_XATTR "user.fuseoverlayfs.origin"
#define OPAQUE_XATTR "user.fuseoverlayfs.opaque" #define OPAQUE_XATTR "user.fuseoverlayfs.opaque"
#define XATTR_CONTAINERS_PREFIX "user.containers."
#define PRIVILEGED_XATTR_PREFIX "trusted.overlay." #define PRIVILEGED_XATTR_PREFIX "trusted.overlay."
#define PRIVILEGED_OPAQUE_XATTR "trusted.overlay.opaque" #define PRIVILEGED_OPAQUE_XATTR "trusted.overlay.opaque"
#define PRIVILEGED_ORIGIN_XATTR "trusted.overlay.origin" #define PRIVILEGED_ORIGIN_XATTR "trusted.overlay.origin"
@ -3286,7 +3287,7 @@ ovl_setxattr (fuse_req_t req, fuse_ino_t ino, const char *name,
return; return;
} }
if (has_prefix (name, PRIVILEGED_XATTR_PREFIX) || has_prefix (name, XATTR_PREFIX)) if (has_prefix (name, PRIVILEGED_XATTR_PREFIX) || has_prefix (name, XATTR_PREFIX) || has_prefix (name, XATTR_CONTAINERS_PREFIX))
{ {
fuse_reply_err (req, EPERM); fuse_reply_err (req, EPERM);
return; return;