able to write named attributes to a read only file (Solaris)
Alan Bateman
Alan.Bateman at Sun.COM
Tue Jun 10 03:16:58 PDT 2008
Rajendra Gutupalli wrote:
> Hi Alan,
>
> It is surprising that I am able to add named attributes to a file with
> read only permissions in Solaris where as it throws FSE:Permission
> denied in Linux for the read only file.
> Please see the following series of events I did in Solaris machine.
>
> 1) created a file "testfile1" set permissions to 777 and added a named
> attribute attr.2
> 2) changed the file "testfile1" permissions to 400 and tried adding
> attribute attr.3. it went successfully and used 'runat' command tool
> to see what are the attributes in files namespace.
> 3) changed file permissions of a attribute attr.3 and tried to
> replace the attribute now I got FSE: Permission denied exception.
> 4) Again I added one more attribute attr.4 . it is successfully added
> to the same file "testfile1" with .
> 5) finally checked file permissions.
>
> Here the file "testfile1" lies in NFSV4 mounted volume. I tried in
> local file system in Solaris and the behavior was same.
NFSv4 uses ACLs rather than the traditional Unix permissions. Since you
observe it on the local file system then I assume it must be ZFS which
uses NFSv4 ACLs natively. In that case "ls -v testfile1" should reveal
all. You'll find that the chmod 400 translated the permissions into an
ACL that denies you write access to the file and you are allowed
"write_xattr". This is the ACL permission that allows you write access
to "extended attributes" (Solaris and NFSv4 speak for named subfiles).
-Alan.
More information about the nio-dev
mailing list