lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250702035044.47373-1-tytso@mit.edu> Date: Tue, 1 Jul 2025 23:50:43 -0400 From: "Theodore Ts'o" <tytso@....edu> To: Ext4 Developers List <linux-ext4@...r.kernel.org> Cc: "Darrick J. Wong" <djwong@...nel.org>, "Theodore Ts'o" <tytso@....edu> Subject: [PATCH 1/2] fuse2fs: fix normal (non-kernel) permissions checking Commit 9f69dfc4e275 ("fuse2fs: implement O_APPEND correctly") defined a new flag, A_OK, to add support for testing whether the file is valid for append operations. This is relevant for the check_iflags_access() function, but when are later testing operations mask against the inode permissions, this new flag gets in the way and causes non-root users attempting to create new inodes in a directory to fail. Fix this by masking off A_OK before doing these tests. Fixes: 9f69dfc4e275 ("fuse2fs: implement O_APPEND correctly") Signed-off-by: Theodore Ts'o <tytso@....edu> --- misc/fuse2fs.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/misc/fuse2fs.c b/misc/fuse2fs.c index bb75d9421..d209bc790 100644 --- a/misc/fuse2fs.c +++ b/misc/fuse2fs.c @@ -687,6 +687,9 @@ static int check_inum_access(struct fuse2fs *ff, ext2_ino_t ino, int mask) return -EACCES; } + /* Remove the O_APPEND flag before testing permissions */ + mask &= ~A_OK; + /* allow owner, if perms match */ if (inode_uid(inode) == ctxt->uid) { if ((mask & (perms >> 6)) == mask) -- 2.47.2
Powered by blists - more mailing lists