mirror of https://github.com/mkerrisk/man-pages
attr.7: srcfix: wrap long lines and wrap at end of sentences
Signed-off-by: Michael Kerrisk <mtk.manpages@gmail.com>
This commit is contained in:
parent
5d993ac57d
commit
933e467539
26
man7/attr.7
26
man7/attr.7
|
@ -76,11 +76,11 @@ Currently the
|
|||
.IR trusted ,
|
||||
and
|
||||
.IR user
|
||||
extended attribute classes are defined as described below. Additional
|
||||
classes may be added in the future.
|
||||
extended attribute classes are defined as described below.
|
||||
Additional classes may be added in the future.
|
||||
.SS Extended security attributes
|
||||
The security attribute namespace is used by kernel security modules,
|
||||
such as Security Enhanced Linux.
|
||||
such as Security Enhanced Linux.
|
||||
Read and write access permissions to security attributes depend on the
|
||||
policy implemented for each security attribute by the security module.
|
||||
When no security module is loaded, all processes have read access to
|
||||
|
@ -88,7 +88,8 @@ extended security attributes, and write access is limited to processes
|
|||
that have the CAP_SYS_ADMIN capability.
|
||||
.SS Extended system attributes
|
||||
Extended system attributes are used by the kernel to store system
|
||||
objects such as Access Control Lists and Capabilities. Read and write
|
||||
objects such as Access Control Lists and Capabilities.
|
||||
Read and write
|
||||
access permissions to system attributes depend on the policy implemented
|
||||
for each system attribute implemented by filesystems in the kernel.
|
||||
.SS Trusted extended attributes
|
||||
|
@ -101,19 +102,24 @@ to which ordinary processes should not have access.
|
|||
.SS Extended user attributes
|
||||
Extended user attributes may be assigned to files and directories for
|
||||
storing arbitrary additional information such as the mime type,
|
||||
character set or encoding of a file. The access permissions for user
|
||||
character set or encoding of a file.
|
||||
The access permissions for user
|
||||
attributes are defined by the file permission bits.
|
||||
.PP
|
||||
The file permission bits of regular files and directories are
|
||||
interpreted differently from the file permission bits of special files
|
||||
and symbolic links. For regular files and directories the file
|
||||
and symbolic links.
|
||||
For regular files and directories the file
|
||||
permission bits define access to the file's contents, while for device special
|
||||
files they define access to the device described by the special file.
|
||||
The file permissions of symbolic links are not used in access
|
||||
checks. These differences would allow users to consume filesystem resources in
|
||||
a way not controllable by disk quotas for group or world writable special files and directories.
|
||||
The file permissions of symbolic links are not used in access checks.
|
||||
These differences would allow users to consume filesystem resources in
|
||||
a way not controllable by disk quotas for group or world writable
|
||||
special files and directories.
|
||||
.PP
|
||||
For this reason, extended user attributes are only allowed for regular files and directories, and access to extended user attributes is restricted to the
|
||||
For this reason,
|
||||
extended user attributes are only allowed for regular files and directories,
|
||||
and access to extended user attributes is restricted to the
|
||||
owner and to users with appropriate capabilities for directories with the
|
||||
sticky bit set (see the
|
||||
.BR chmod (1)
|
||||
|
|
Loading…
Reference in New Issue