[PATCH v4] landlock: Clarify documentation for the LANDLOCK_ACCESS_FS_REFER right
Mickaël Salaün
mic at digikod.net
Mon Feb 27 11:02:24 UTC 2023
On 25/02/2023 00:00, Alex Colomar wrote:
> Hi Günther,
>
> On 2/21/23 17:52, Günther Noack wrote:
> [...]
>
> Sorry for taking so much time in looking into this!
>
>> + *
>> + * * The reparented file may not gain more access rights in the destination
>> + * directory than it previously had in the source directory. If this is
>> + * attempted, the operation results in an ``EXDEV`` error.
>> + *
>> + * * When linking or renaming, the ``LANDLOCK_ACCESS_FS_MAKE_*`` right for the
>> + * respective file type must be granted for the destination directory.
>> + * Otherwise, the operation results in an ``EACCES`` error.
>> + *
>> + * * When renaming, the ``LANDLOCK_ACCESS_FS_REMOVE_*`` right for the
>> + * respective file type must be granted for the source directory. Otherwise,
>> + * the operation results in an ``EACCES`` error.
>> + *
>> + * If multiple requirements are not met, the ``EACCES`` error code takes
>> + * precedence over ``EXDEV``.
>
> Is this something worth guaranteeing, or just an implementation detail
> that may easily change?
There is a deliberate effort to keep this error priority to be able to
know if a rename or link action can be replaced with a file copy, which
is useful e.g., for `mv`.
More information about the Linux-security-module-archive
mailing list