On Fri, Feb 17, 2023 at 08:28:41PM +0100, Mickaël Salaün wrote:

On 16/02/2023 21:07, Günther Noack wrote:

quoted

Clarify the "refer" documentation by splitting up a big paragraph of text.

- Call out specifically that the denial by default applies to ABI v1 as well.
- Turn the three additional constraints for link/rename operations
   into bullet points, to give it more structure.

Includes wording and semantics corrections by Mickaël Salaün.

No need to add this line, It's part of the maintainer job. ;)

OK, removed for V4.

Some of my suggestions are about style, so feel free to ignore them if you
think the original is better. Anyway, I'm not a native english speaker
either, so there are good chances I'm not correct on some suggestions. What
about that?:

This is the only access right implicitly handled by any ruleset, even if
this right is not specified at ruleset creation time. Reparenting files will
then always be denied by default. Given that %LANDLOCK_ACCESS_FS_REFER is
available since the second Landlock ABI version, using the first Landlock
ABI version will always forbid file reparenting.

For these kind of link or rename actions to be possible, one or two rules
must explicitly allow %LANDLOCK_ACCESS_FS_REFER on the source and the
destination hierarchies. In addition, the following constraints must be met:

I reworded it again, it's meeting somewhere in the middle I hope. It
should be a bit better now. (Sending another version.)

Documentation is hard... it's difficult to find an objective best wording.

–-Günther