From 4407ca3a4da04c7c43bc6691819ae44f77625f16 Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Mon, 2 Apr 2018 18:59:02 +0200 Subject: fusefrontend: xattr: return ENODATA for security.* and system.* "ls -l" queries security.selinux, system.posix_acl_access, system.posix_acl_default and throws error messages if it gets something else than ENODATA. --- internal/fusefrontend/xattr.go | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/internal/fusefrontend/xattr.go b/internal/fusefrontend/xattr.go index 03e127f..1d628b7 100644 --- a/internal/fusefrontend/xattr.go +++ b/internal/fusefrontend/xattr.go @@ -31,6 +31,11 @@ func (fs *FS) GetXAttr(path string, attr string, context *fuse.Context) ([]byte, if fs.isFiltered(path) { return nil, fuse.EPERM } + if !strings.HasPrefix(attr, xattrUserPrefix) { + // "ls -l" queries security.selinux, system.posix_acl_access, system.posix_acl_default + // and throws error messages if it gets something else than ENODATA. + return nil, fuse.ENODATA + } cAttr, err := fs.encryptXattrName(attr) if err != nil { return nil, fuse.ToStatus(err) -- cgit v1.2.3