todo: We must implement ACLs and filesystem capabilities for SCAP.

Thanks Steve Grubb.
2026-03-21 22:53:37 +00:00 · 2012-11-15 15:35:25 +00:00
parent a41629deb9
commit 2f321ced21
1 changed files with 23 additions and 1 deletions
--- a/24
+++ b/24
@@ -48,7 +48,6 @@ Ideas for extra commands

  General glibc / core programs:
    chgrp
-    setfacl, getfacl

  ext2 properties:
    badblocks
@@ -588,3 +587,26 @@ is very poorly designed and essentially impossible for us to use:

 particularly if we also want to maintain backwards compatibility with
 Ruby 1.8, and/or maintain volatile VALUEs on the stack.
+
+ACLs and capabilities
+---------------------
+
+We need to model both filesystem ACLs and filesystem capabilities
+through the API.  This is particularly important in order to be able
+to implement SCAP.
+
+ACLs can be read and written using the acl(5) library and the
+functions like acl_set_file(3) etc.
+
+Setting the ACL on a file sets the extended attribute
+'system.posix_acl_access' to a binary blob.  The kernel has a whole
+bunch of complex code that seems to interpret these
+(linux/fs/posix_acl.c).
+
+Filesystem capabilities can be read and written using the libcap(3)
+library and functions like cap_get_file, cap_set_file.
+
+Setting fs capabilities on a file sets the extended attribute
+'security.capability' to a binary blob.  These are implemented using a
+Linux Security Module (security/capability.c) and presumably by
+something in exec, but I couldn't see exactly how this works.