http://bugzilla.suse.com/show_bug.cgi?id=1089349
http://bugzilla.suse.com/show_bug.cgi?id=1089349#c7
--- Comment #7 from Fabian Vogt
(In reply to Fabian Vogt from comment #5)
(In reply to Goldwyn Rodrigues from comment #4)
On second thoughts, this is a security risk.
The handling for security_inode_copy_up_xattr is the same.
Not quite. The security_inode_copy_up_xattr copies the labels which are used by selinux to impose security restrictions. It just skips selinux (the only user) specific xattr.
I'd say that the general idea is the same. [...]
I don't think there's a better way to handle this, but I'd like to be proven otherwise.
There is already a discussion on this. https://www.spinics.net/lists/linux-nfs/msg61045.html
Indeed - I wonder why I did not find that.
Workaround is to use the exported FS without ACL.
I don't think that is possible, neither on the server nor on the client side. -- You are receiving this mail because: You are on the CC list for the bug.