Feature #3254

add support in zfs for aclmode=restricted

Added by Paul Henson over 6 years ago. Updated over 6 years ago.

Status: Resolved
Priority: Normal
Assignee:
Category: zfs - Zettabyte File System
Start date: 2012-10-03
Due date:
% Done: 100%
Estimated time:
Difficulty: Medium
Tags:

Description

ZFS ACLs are quite powerful and very useful; however, there is currently no way to protect them from being destroyed or corrupted by a drive-by chmod. There is virtually no way to simply avoid chmod. Whether it's a user or junior admin who simply doesn't know any better, or a closed binary application that is not ACL aware and uses chmod under the hood, or even the issue with NFS exclusive open that stomps on inherited ACLs, one way or another at some point your carefully constructed ACL is going to get mangled.

To prevent this, I propose adding an additional aclmode "deny", which would restrict any attempt to chmod a zfs object with a nontrivial ACL. An object with a nontrivial ACL can only have its permissions changed via ACL operations, not legacy chmod. Interestingly, the commercial EMC Isilon storage appliance supports something like this, at least based on the options listed in a demonstration (we never actually came to terms on the ridiculous NDA they wanted to actually evaluate the product, so didn't get to try it out).

I'm going to put together an initial implementation.

History

#1

Updated by Albert Lee over 6 years ago

  • Subject changed from add support in zfs for aclmode=deny to add support in zfs for aclmode=restricted

#2

Updated by Rich Lowe over 6 years ago

  • Status changed from New to Resolved
  • % Done changed from 0 to 100

Resolved in 71dbfc2
