Re: RFC: ACLs on fusefs
- In reply to: Shawn Webb : "Re: RFC: ACLs on fusefs"
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Sat, 03 Aug 2024 16:10:05 UTC
On Sat, Aug 3, 2024 at 10:00 AM Shawn Webb <shawn.webb@hardenedbsd.org> wrote: > > On Sat, Aug 03, 2024 at 09:03:38AM -0600, Alan Somers wrote: > > On Fri, Aug 2, 2024 at 10:13 PM Jamie Landeg-Jones <jamie@catflap.org> wrote: > > > > > > Alan Somers <asomers@FreeBSD.org> wrote: > > > > > > > TLDR; > > > > how useful would it be if fusefs(4) could support ACLs? > > > > > > I, personally, don't use ACLs generally, so have not missed them on > > > fusefs. > > > > > > However, I do make extensive use of XATTRs, so those are what I've > > > really missed. > > > > > > I didn't know xatrs were now supported - is that a new thing, or maybe > > > the client I use (borgs sshfs implementation) needs to be updated? > > > > > > Cheers, Jamie > > > > Our fusefs has supported xattrs for a long time. But the specific > > fuse file system needs support too. Looking right now, I don't see > > any support in sysutils/fusefs-sshfs . > > In fact, I have a (significantly buggy) proof-of-concept fusefs server > that stores file payload data as extended attributes. Since the tar > file format supports extended attributes, this makes data exfiltration > somewhat easier. > > Though, I suppose, since my proof-of-concept is buggy, using my > solution would make data exfil somewhat more difficult. ;-) > > Hopefully someday, I'll have the time to finish the PoC and make it > usable for production. > > PoC code: https://git.hardenedbsd.org/shawn.webb/altfs That's interesting. It looks like the opposite of what Tomoaki was describing. What's the intended application? Is it like a sort of unionfs, used to place a second file system on-top of an existing one?