Actions
Feature #12445
openimproved path enforcement for hard links
Status:
New
Priority:
Normal
Assignee:
-
Category:
Security Model
Target version:
-
% Done:
0%
Source:
Development
Tags:
Backport:
Reviewed:
Affected Versions:
Component(FS):
Client, Common/Protocol, MDS
Labels (FS):
Pull request ID:
Description
The initial path restriction will not work properly for remote links inside the security domain that link to a primary outside the restricted path.
We could improve this by inferring from the client which path was used to lookup the file. This could be done by associating the CDentry* with the Capability* for files. (For directories, the path is unambiguous.)
Updated by Sage Weil over 8 years ago
- Description updated (diff)
- Priority changed from Normal to Low
- Source changed from other to Development
Updated by Greg Farnum almost 8 years ago
- Category set to Correctness/Safety
- Priority changed from Low to Normal
Updated by Greg Farnum almost 8 years ago
- Category changed from Correctness/Safety to Security Model
- Component(FS) Client, Common/Protocol, MDS added
Actions