lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list]
Message-Id: <201003011700.25301.jon@severinsson.net>
Date:	Mon, 1 Mar 2010 17:00:19 +0100
From:	Jon Severinsson <jon@...erinsson.net>
To:	linux-fsdevel@...r.kernel.org
Cc:	linux-kernel@...r.kernel.org
Subject: [RFC PATCH] CIFS posix acl permission checking

Hello everyone

Firstly, please note that I'm new to the kernel community, so if I'm doing 
something wrong, just please politely point it out to me and I'll try to fix 
it, or at the very least not do it again. Also please bear in mind that 
English isn't my native language.

Anyway, I recently realised that while the CIFS file system driver in Linux 
does supports posix acl retrieval and modification using the getfacl and 
setfacl command line tools, it does not use acl for client side permission 
checking. On the server side Samba does consult the acl, but that doesn't 
really help when cifs.ko never even asks the server, due to the users only 
source of permission being from an acl.

I'm attaching a first attempt at implementing it. I have tested it, but only on 
a single setup, so I can give no guarantees to its portability. Also please 
note that this is my first kernel patch, so if I'm doing something wrong, such 
as not following some coding standard, please enlighten me and I'll gladly fix 
it.

I only subscribed to the linux-fsdevel list, so please include it in any 
response you might send.

Best Regards
Jon Severinsson

View attachment "cifs-acl-permission-check-v1.patch" of type "text/x-patch" (5063 bytes)

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ