http://bugzilla.suse.com/show_bug.cgi?id=1089349
http://bugzilla.suse.com/show_bug.cgi?id=1089349#c11
Goldwyn Rodrigues
Any news here? Patch got submitted, but AFAICT didn't land.
I followed up. However, Miklos says it would be better if we can suppress system.nfs4_acl if it is equal to inode->i_mode. However, nfs4_acl seems to be opaque to the client and is interpreted by knfsd only.
From what I read now, ignoring "system." does pose a security risk. A file which is allowed read for a user from a system.posix_acl_access or system.nfs4_acl will become unreadable after a copy_up operation and vice versa.
Let me look further how we can hide system.nfs4_acl -- You are receiving this mail because: You are on the CC list for the bug.