[Bug 277908] zfs: cannot lookup extended attributes in capability mode

https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=277908

--- Comment #4 from Shawn Webb <shawn.webb@hardenedbsd.org> ---
(In reply to Alan Somers from comment #3)
I wonder if this should have some Capsicum logic here. Perhaps only add the
VN_OPEN_NOCAPCHECK flag if the process has entered Capabilities mode *and* the
file descriptor has the CAP_EXTATTR_GET capability?

I'll take a closer look soon to see if I can enhance your patch with that
logic.

-- 
You are receiving this mail because:
You are the assignee for the bug.