On Wed, Oct 16, 2013 at 05:25:37PM +0800, Anand Jain wrote: > Ah. good catch. but what do you suggest. ? > as of now user on disk-group is able to do things like, > check --repair. but won't be able to list the subvol / > manage the snapshots, and is able to run btrfs fi show -d > but won't be able to run btrfs fi show / -m. what do we > do in this case ? We can drop the CAP_SYS_ADMIN check from btrfs_ioctl_fs_info, it does not do or revealy sensitive information. > OR when /sys interface is ready that should help to manage > based on the user-groups.? This could be decided case by case if a sysfs file should not be publicly readable, otherwise let them be readable to everyone. david -- To unsubscribe from this list: send the line "unsubscribe linux-btrfs" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
