commit | b2a40eaef694b35ae39f1924b3bee95595676e25 | [log] [tgz] |
---|---|---|
author | Miklos Szeredi <mszeredi@redhat.com> | Mon May 29 15:15:27 2017 +0200 |
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | Fri Apr 13 19:48:12 2018 +0200 |
tree | 7e7ebc68a77ec27ed99c1ccc20af9e910b6c92cd | |
parent | 3291bb532df5181352acfb492fc18b7110172670 [diff] |
ovl: filter trusted xattr for non-admin [ Upstream commit a082c6f680da298cf075886ff032f32ccb7c5e1a ] Filesystems filter out extended attributes in the "trusted." domain for unprivlieged callers. Overlay calls underlying filesystem's method with elevated privs, so need to do the filtering in overlayfs too. Signed-off-by: Miklos Szeredi <mszeredi@redhat.com> Signed-off-by: Sasha Levin <alexander.levin@microsoft.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>