On Thu, Dec 07, 2017 at 01:33:41AM +0000, Ben Hutchings wrote:
> On Wed, 2017-12-06 at 19:14 -0500, Michael Stone wrote:
> > On Thu, Dec 07, 2017 at 12:09:22AM +0000, Ben Hutchings wrote:
> > > That's only because it lives in mm/shmem.c, not under fs/. It does
> > > support xattrs.
> >
> > Have you tried it?
>
> Ah, damnit. It supports *some* xattrs (like the security namespace),
> but apparently not *user* xattrs.

Good. While xattrs have some uses, this is a hidden privacy hole most users aren't aware of (although /tmp/ is the filesystem least likely to be used forensically against you).

Looks like the only filesystems that allow disabling it via a mount option (nouser_xattr) are ext* and reiserfs, some more can do it via recompiling the kernel although this kills all xattrs, not just the user: namespace; most of these config options say "If unsure, say N." (other than CIFS, which is also the filesystem where your files are most likely to be readable by others) -- but they're all enabled in Debian kernels.

[~]$ task add "patch btrfs for mount -o nouser_xattr"

Meow!
-- 
⢀⣴⠾⠻⢶⣦⠀ 14:13 < icenowy[m]> are they hot enough? ;-)
⣾⠁⢰⠒⠀⣿⡁ 14:17 < icenowy[m]> I think now in Europe it should be winter? Let
⢿⡄⠘⠷⠚⠋⠀ the BPi warm you ;-)
⠈⠳⣄⠀⠀⠀⠀ 14:17 <@KotCzarny> yeah, i have a pc to warm me ;)
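
An added example, not part of the original message: a small audit of /proc/mounts-format text that reports, per mount, whether nouser_xattr is set or could be set. The filesystem lists encode only what the thread states (ext* and reiserfs take the option; tmpfs has no user xattrs); the function names and the sample mount table are constructed for illustration.

```python
import re

# Filesystems the message names as accepting -o nouser_xattr (its claim, 2017).
HAS_OPTION = ("ext2", "ext3", "ext4", "reiserfs")
# Per the quoted exchange, tmpfs does not support user.* xattrs at all.
NO_USER_XATTR = ("tmpfs",)


def unescape(field):
    r"""/proc/mounts writes space, tab, newline, backslash as \040 \011 \012 \134."""
    return re.sub(r"\\([0-7]{3})", lambda m: chr(int(m.group(1), 8)), field)


def audit_mounts(text):
    """Return (mountpoint, fstype, status) for each mount line in text."""
    report = []
    for line in text.splitlines():
        parts = line.split()
        if len(parts) < 4:
            continue  # skip blank or malformed lines
        mountpoint, fstype = unescape(parts[1]), parts[2]
        opts = parts[3].split(",")
        if fstype in NO_USER_XATTR:
            status = "no user xattrs (per the thread)"
        elif "nouser_xattr" in opts:
            status = "disabled by mount option"
        elif fstype in HAS_OPTION:
            status = "option available, not set"
        else:
            status = "no nouser_xattr mount option"
        report.append((mountpoint, fstype, status))
    return report


# Constructed sample mount table, not taken from a real system.
SAMPLE = """\
/dev/sda1 / ext4 rw,relatime,nouser_xattr 0 0
/dev/sda2 /home ext4 rw,relatime 0 0
/dev/sdb1 /mnt/my\\040backup btrfs rw,noatime 0 0
tmpfs /tmp tmpfs rw,nosuid,nodev 0 0
"""

if __name__ == "__main__":
    try:
        with open("/proc/mounts") as fh:
            data = fh.read()
    except OSError:
        data = SAMPLE  # fall back to the constructed table off Linux
    for row in audit_mounts(data):
        print("%-24s %-10s %s" % row)
```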