| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250702035044.47373-1-tytso@mit.edu>
Date: Tue, 1 Jul 2025 23:50:43 -0400
From: "Theodore Ts'o" <tytso@....edu>
To: Ext4 Developers List <linux-ext4@...r.kernel.org>
Cc: "Darrick J. Wong" <djwong@...nel.org>, "Theodore Ts'o" <tytso@....edu>
Subject: [PATCH 1/2] fuse2fs: fix normal (non-kernel) permissions checking
Commit 9f69dfc4e275 ("fuse2fs: implement O_APPEND correctly") defined
a new flag, A_OK, to add support for testing whether the file is valid
for append operations. This is relevant for the check_iflags_access()
function, but when are later testing operations mask against the inode
permissions, this new flag gets in the way and causes non-root users
attempting to create new inodes in a directory to fail. Fix this by
masking off A_OK before doing these tests.
Fixes: 9f69dfc4e275 ("fuse2fs: implement O_APPEND correctly")
Signed-off-by: Theodore Ts'o <tytso@....edu>
---
misc/fuse2fs.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/misc/fuse2fs.c b/misc/fuse2fs.c
index bb75d9421..d209bc790 100644
--- a/misc/fuse2fs.c
+++ b/misc/fuse2fs.c
@@ -687,6 +687,9 @@ static int check_inum_access(struct fuse2fs *ff, ext2_ino_t ino, int mask)
return -EACCES;
}
+ /* Remove the O_APPEND flag before testing permissions */
+ mask &= ~A_OK;
+
/* allow owner, if perms match */
if (inode_uid(inode) == ctxt->uid) {
if ((mask & (perms >> 6)) == mask)
--
2.47.2
Powered by blists - more mailing lists