[<prev] [next>] [<thread-prev] [day] [month] [year] [list]
Message-Id: <200702112201.50952.agruen@suse.de>
Date: Sun, 11 Feb 2007 22:01:50 -0800
From: Andreas Gruenbacher <agruen@...e.de>
To: akpm@...ux-foundation.org
Cc: torvalds@...ux-foundation.org, hugh@...itas.com,
linux-ext4@...r.kernel.org, tigran@...azian.fsnet.co.uk
Subject: Re: [patch 206/241] fix umask when noACL kernel meets extN tuned for ACLs
On Saturday 10 February 2007 01:46, akpm@...ux-foundation.org wrote:
> From: Hugh Dickins <hugh@...itas.com>
>
> Fix insecure default behaviour reported by Tigran Aivazian: if an ext2 or
> ext3 or ext4 filesystem is tuned to mount with "acl", but mounted by a
> kernel built without ACL support, then umask was ignored when creating
> inodes - though root or user has umask 022, touch creates files as 0666,
> and mkdir creates directories as 0777.
>
> This appears to have worked right until 2.6.11, when a fix to the default
> mode on symlinks (always 0777) assumed VFS applies umask: which it does,
> unless the mount is marked for ACLs; but ext[234] set MS_POSIXACL in
> s_flags according to s_mount_opt set according to def_mount_opts.
>
> We could revert to the 2.6.10 ext[234]_init_acl (adding an S_ISLNK test);
> but other filesystems only set MS_POSIXACL when ACLs are configured. We
> could fix this at another level; but it seems most robust to avoid setting
> the s_mount_opt flag in the first place (at the expense of more ifdefs).
>
> Likewise don't set the XATTR_USER flag when built without XATTR support.
>
> Signed-off-by: Hugh Dickins <hugh@...itas.com>
> Cc: Tigran Aivazian <tigran@...azian.fsnet.co.uk>
> Cc: <linux-ext4@...r.kernel.org>
> Cc: Andreas Gruenbacher <agruen@...e.de>
> Signed-off-by: Andrew Morton <akpm@...ux-foundation.org>
Ack -- and thanks for this fix!
Andreas
-
To unsubscribe from this list: send the line "unsubscribe linux-ext4" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists