Linux NFS, quota, and a kernel bug.

We spent quite some time today tracking down an obscure Linux problem: with the commonly used user-space NFS daemon, quota doesn't seem to propagate over NFS. In theory, quota is enforced on the server side.

We think we have found the bug; it's in the 2.4 kernel (but we couldn't test that yet). The user-space NFS daemon runs as root, and protects system calls that affect the file system by calling setfsuid(2) in order to drop privileges. A setfsuid(2) to a non-root user clears all capability bits in CAP_FS_MASK. The CAP_SYS_RESOURCE bit (1 << 24) is not included in that mask, and it controls (besides no fewer than 7 actual capabilities) whether or not quota is enforced.
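The following C model is an added illustration, not code from the original post, the kernel, or the NFS daemon: it replays the mask arithmetic described above and shows that CAP_SYS_RESOURCE survives the setfsuid(2) fixup. The `task_model` struct, the function names, the all-bits-set starting capability set, and the manual drop of CAP_SYS_RESOURCE are assumptions made for the example.

```c
#include <stdint.h>
#include <stdio.h>

/* Capability bit numbers as defined in <linux/capability.h>. */
#define CAP_CHOWN           0
#define CAP_DAC_OVERRIDE    1
#define CAP_DAC_READ_SEARCH 2
#define CAP_FOWNER          3
#define CAP_FSETID          4
#define CAP_SYS_RESOURCE    24
#define CAP_TO_MASK(c)      (UINT32_C(1) << (c))
/* 2.4-era CAP_FS_MASK: only the five file system capabilities (0x1f). */
#define CAP_FS_MASK (CAP_TO_MASK(CAP_CHOWN) | CAP_TO_MASK(CAP_DAC_OVERRIDE) | \
    CAP_TO_MASK(CAP_DAC_READ_SEARCH) | CAP_TO_MASK(CAP_FOWNER) | CAP_TO_MASK(CAP_FSETID))
/* Hypothetical, simplified stand-in for the task's credentials. */
struct task_model { unsigned fsuid; uint32_t cap_permitted, cap_effective; };
/* Simplified model of the capability fixup done on an fsuid change. */
void model_setfsuid(struct task_model *t, unsigned new_fsuid)
{
    unsigned old = t->fsuid;
    t->fsuid = new_fsuid;
    if (old == 0 && new_fsuid != 0)      /* root -> user: drop FS caps */
        t->cap_effective &= ~CAP_FS_MASK;
    if (old != 0 && new_fsuid == 0)      /* user -> root: restore them */
        t->cap_effective |= t->cap_permitted & CAP_FS_MASK;
}
/* Per the post: quota is enforced only without CAP_SYS_RESOURCE. */
int quota_enforced(const struct task_model *t)
{
    return (t->cap_effective & CAP_TO_MASK(CAP_SYS_RESOURCE)) == 0;
}

/* Root daemon (constructed: all bits set) acting as `uid`; the flag models
 * the daemon clearing CAP_SYS_RESOURCE itself (assumption, not in the post). */
struct task_model daemon_as(unsigned uid, int drop_sys_resource)
{
    struct task_model t = { 0, UINT32_C(0xFFFFFFFF), UINT32_C(0xFFFFFFFF) };
    model_setfsuid(&t, uid);
    if (drop_sys_resource)
        t.cap_effective &= ~CAP_TO_MASK(CAP_SYS_RESOURCE);
    return t;
}

int main(void)
{
    struct task_model t = daemon_as(1000, 0), u = daemon_as(1000, 1);
    printf("setfsuid only:    CapEff=%08x enforced=%d\n", (unsigned)t.cap_effective, quota_enforced(&t));
    printf("plus manual drop: CapEff=%08x enforced=%d\n", (unsigned)u.cap_effective, quota_enforced(&u));
    return 0;
}
```

On a live system the same bits can be read from the `CapEff` line of `/proc/<pid>/status` for the daemon process.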

It's amazing how the complexity introduced by the capability system leads to new bugs, instead of increasing system security.

This page contains a single entry from the blog posted on September 11, 2003 5:49 PM.

This weblog is licensed under a Creative Commons License.