| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-id: <20080612090629.GX3726@webber.adilger.int> Date: Thu, 12 Jun 2008 03:06:29 -0600 From: Andreas Dilger <adilger@....com> To: Duane Griffin <duaneg@...da.com> Cc: akpm@...ux-foundation.org, linux-ext4@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH 4/6] ext2: tighten restrictions on inode flags On Jun 11, 2008 01:04 +0100, Duane Griffin wrote: > At the moment there are few restrictions on which flags may be set on which > inodes. Specifically DIRSYNC may only be set on directories and IMMUTABLE > and APPEND may not be set on links. Tighten that to disallow TOPDIR being > set on non-directories and SECRM, UNRM, COMPR, SYNC, DIRTY, COMPRBLK, > NOCOMP, ECOMPR, INDEX, JOURNAL_DATA and NOTAIL being set on anything but > regular files or directories. > > Introduce a flags masking function which masks flags based on mode and use > it during inode creation and when flags are set via the ioctl to facilitate > future consistency. This second set of patches is missing out on the presence of the "EXT2_FL_USER_MODIFIABLE" mask in ext2_ioctl(EXT2_IOC_SETFLAGS). This is what prevents "unsettable" flags from being set from userspace. I don't have any objection to additional filtering to avoid setting the USER_MODIFIABLE flags on special files. Cheers, Andreas -- Andreas Dilger Sr. Staff Engineer, Lustre Group Sun Microsystems of Canada, Inc. -- To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
Powered by blists - more mailing lists