lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <20101007232451.GO4681@dastard>
Date:	Fri, 8 Oct 2010 10:24:51 +1100
From:	Dave Chinner <david@...morbit.com>
To:	Andreas Wiese <aw-lkml@...erriblecrew.net>
Cc:	Linux Kernel Mailing List <linux-kernel@...r.kernel.org>,
	Ciaran McCreesh <ciaran.mccreesh@...glemail.com>,
	xfs@....sgi.com
Subject: Re: fallocate() on XFS clobbers S*ID-bits

[ added xfs list on cc ]

On Thu, Oct 07, 2010 at 08:34:19PM +0200, Andreas Wiese wrote:
> Hello.
> 
> I (with support from Cc'ed Ciaran) just noticed some odd behaviour with
> fallocate() on XFS.  After open()ing some file and setting it S*ID via
> fchmod(), S*ID bits vanish after calling fallocate() — as supposed to
> for non-root users, but it also happens for root.
> 
> Is this intended behaviour or did we spot a bug here?
> 
> At least on ext2 it works as expected, thus I guess it's the latter one.

ext2 does not support the fallocate syscall. How does ext4 behave?

> I'm running v2.6.35.7 vanilla-kernel, but diffing fs/xfs to master
> doesn't seem to address this issue.

XFS has always cleared SUID/SGID bits when doing preallocation (via
XFS_IOC_RESVSP). Given that that XFS ioctl formed the model for
fallocate, I'd argue that the XFS behaviour is the on that should be
followed.

It'd be a bit silly for two different preallocation interfaces to
have different behaviour w.r.t. SUID bits, but it's not clear to me
which behaviour is correct. I'm happy to defer to whoever can say
what the behaviour is supposed to be here...

Cheers,

Dave.
-- 
Dave Chinner
david@...morbit.com
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ