diff options
author | Venkateswararao Jujjuri (JV) <jvrao@linux.vnet.ibm.com> | 2010-06-14 13:34:47 -0700 |
---|---|---|
committer | Anthony Liguori <aliguori@us.ibm.com> | 2010-06-22 15:15:51 -0500 |
commit | 879c28133dfa54b780dffbb29e4dcfc6581f6281 (patch) | |
tree | a6051be7d59bc70cb1bf7af6c11248404dcd9c60 /qjson.c | |
parent | 00ec5c37601accb2b85b089d72fc7ddff2f4222e (diff) |
virtio-9p: Security model for symlink and readlink
Mapped mode stores extended attributes in the user space of the extended
attributes. Given that the user space extended attributes are available
to regular files only, special files are created as regular files on the
fileserver and appropriate mode bits are added to the extended attributes.
This method presents all special files and symlinks as regular files on the
fileserver while they are represented as special files on the guest mount.
Implemntation of symlink in mapped security model:
A regular file is created and the link target is written to it.
readlink() reads it back from the file.
On Guest/Client:
lrwxrwxrwx 1 root root 6 2010-05-11 12:20 asymlink -> afile
On Host/Fileserver:
-rw-------. 1 root root 6 2010-05-11 09:20 asymlink
afile
Under passthrough model, it just calls underlying symlink() readlink()
system calls are used.
Under both security models, client user credentials are changed
after the filesystem objec creation.
Signed-off-by: Venkateswararao Jujjuri <jvrao@linux.vnet.ibm.com>
Signed-off-by: Anthony Liguori <aliguori@us.ibm.com>
Diffstat (limited to 'qjson.c')
0 files changed, 0 insertions, 0 deletions