lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite for Android: free password hash cracker in your pocket
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <20250702035044.47373-1-tytso@mit.edu>
Date: Tue,  1 Jul 2025 23:50:43 -0400
From: "Theodore Ts'o" <tytso@....edu>
To: Ext4 Developers List <linux-ext4@...r.kernel.org>
Cc: "Darrick J. Wong" <djwong@...nel.org>, "Theodore Ts'o" <tytso@....edu>
Subject: [PATCH 1/2] fuse2fs: fix normal (non-kernel) permissions checking

Commit 9f69dfc4e275 ("fuse2fs: implement O_APPEND correctly") defined
a new flag, A_OK, to add support for testing whether the file is valid
for append operations.  This is relevant for the check_iflags_access()
function, but when are later testing operations mask against the inode
permissions, this new flag gets in the way and causes non-root users
attempting to create new inodes in a directory to fail.  Fix this by
masking off A_OK before doing these tests.

Fixes: 9f69dfc4e275 ("fuse2fs: implement O_APPEND correctly")
Signed-off-by: Theodore Ts'o <tytso@....edu>
---
 misc/fuse2fs.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/misc/fuse2fs.c b/misc/fuse2fs.c
index bb75d9421..d209bc790 100644
--- a/misc/fuse2fs.c
+++ b/misc/fuse2fs.c
@@ -687,6 +687,9 @@ static int check_inum_access(struct fuse2fs *ff, ext2_ino_t ino, int mask)
 		return -EACCES;
 	}
 
+	/* Remove the O_APPEND flag before testing permissions */
+	mask &= ~A_OK;
+
 	/* allow owner, if perms match */
 	if (inode_uid(inode) == ctxt->uid) {
 		if ((mask & (perms >> 6)) == mask)
-- 
2.47.2


Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ