Re: [PATCH v14 4/5] overlayfs: internal getxattr operations without sepolicy checking

On Tue, Oct 22, 2019 at 11:46 PM Mark Salyzyn wrote: > > Check impure, opaque, origin & meta xattr with no sepolicy audit > (using __vfs_getxattr) since these operations are internal to > overlayfs operations and do not disclose any data. This became > an issue for credential override off since s

[PATCH v14 4/5] overlayfs: internal getxattr operations without sepolicy checking

Check impure, opaque, origin & meta xattr with no sepolicy audit (using __vfs_getxattr) since these operations are internal to overlayfs operations and do not disclose any data. This became an issue for credential override off since sys_admin would have been required by the caller; whereas would h