| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <E1JuBCt-0008E1-4E@pomaz-ex.szeredi.hu> Date: Thu, 08 May 2008 20:51:07 +0200 From: Miklos Szeredi <miklos@...redi.hu> To: hch@...radead.org CC: miklos@...redi.hu, akpm@...ux-foundation.org, hch@...radead.org, viro@...IV.linux.org.uk, linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org, hirofumi@...l.parknet.co.jp, sds@...ho.nsa.gov, jmorris@...ei.org, casey@...aufler-ca.com Subject: Re: [patch 07/24] fat: dont call notify_change > > From: Miklos Szeredi <mszeredi@...e.cz> > > > > The FAT_IOCTL_SET_ATTRIBUTES ioctl() calls notify_change() to change > > the file mode before changing the inode attributes. Replace with > > explicit call to fat_setattr(). > > > > This is equivalent, except that security_inode_setattr() is not called > > before fat_setattr(). I think this is not needed, since the mode > > change is just a side effect of the attribute change. > > Actually I think we want the security_inode_setattr. This is an > implicit chmode when switching the ATTR_RO flag on and off and we should > have the full security check for it. Yes, I'm a bit uncertain about this. It's a user action that triggers the mode change. On the other hand it's just a side effect of the ioctl. I can re-add the security check just to be on the safe side, but probably nobody cares. Miklos -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists