lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Date:	Sun, 11 Feb 2007 22:01:50 -0800
From:	Andreas Gruenbacher <agruen@...e.de>
To:	akpm@...ux-foundation.org
Cc:	torvalds@...ux-foundation.org, hugh@...itas.com,
	linux-ext4@...r.kernel.org, tigran@...azian.fsnet.co.uk
Subject: Re: [patch 206/241] fix umask when noACL kernel meets extN tuned for ACLs

On Saturday 10 February 2007 01:46, akpm@...ux-foundation.org wrote:
> From: Hugh Dickins <hugh@...itas.com>
>
> Fix insecure default behaviour reported by Tigran Aivazian: if an ext2 or
> ext3 or ext4 filesystem is tuned to mount with "acl", but mounted by a
> kernel built without ACL support, then umask was ignored when creating
> inodes - though root or user has umask 022, touch creates files as 0666,
> and mkdir creates directories as 0777.
>
> This appears to have worked right until 2.6.11, when a fix to the default
> mode on symlinks (always 0777) assumed VFS applies umask: which it does,
> unless the mount is marked for ACLs; but ext[234] set MS_POSIXACL in
> s_flags according to s_mount_opt set according to def_mount_opts.
>
> We could revert to the 2.6.10 ext[234]_init_acl (adding an S_ISLNK test);
> but other filesystems only set MS_POSIXACL when ACLs are configured.  We
> could fix this at another level; but it seems most robust to avoid setting
> the s_mount_opt flag in the first place (at the expense of more ifdefs).
>
> Likewise don't set the XATTR_USER flag when built without XATTR support.
>
> Signed-off-by: Hugh Dickins <hugh@...itas.com>
> Cc: Tigran Aivazian <tigran@...azian.fsnet.co.uk>
> Cc: <linux-ext4@...r.kernel.org>
> Cc: Andreas Gruenbacher <agruen@...e.de>
> Signed-off-by: Andrew Morton <akpm@...ux-foundation.org>

Ack -- and thanks for this fix!

Andreas
-
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Powered by blists - more mailing lists