lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Date:	Sun, 13 Nov 2011 12:11:05 +0100
From:	Bruno Prémont <bonbons@...ux-vserver.org>
To:	unlisted-recipients:; (no To-header on input)
Cc:	Al Viro <viro@...iv.linux.org.uk>, linux-fsdevel@...r.kernel.org,
	linux-kernel@...r.kernel.org
Subject: Re: [resolved] Filesystem (directory) permissions meaning
 difference for x86_64 and x86 for 3.1?

On Wed, 09 November 2011 Bruno Prémont wrote:
> On a x86_64 system I'm getting permission denied when trying to chdir()
> into a directory where I have only 'x' permissions (be it with unix
> permissions or with posix ACLs).
> For the same layout of directory I can successfully chdir() on x86 as I
> can with older kernels of 2.6 series.
> 
> In both cases the filesystem is tmpfs with support for posix ACLs and
> kernel is 3.1.0.
> 
> 
> Directory layout:
> drwx--x---  3 root test   60 Nov  9 21:14 /tmp/btest
> drwxrwx---  2 root test   40 Nov  9 21:14 /tmp/btest/subtest
> drwxr-x---+ 3 root root   60 Nov  9 21:10 /tmp/test
> drwxrwx---+ 2 root root   40 Nov  9 21:10 /tmp/test/subtest
> 
> Posix ACLs
> # file: /tmp/test
> # owner: root
> # group: root
> user::rwx
> group::r-x
> group:test:--x
> mask::r-x
> other::---
> 
> # file: test/subtest/
> # owner: root
> # group: root
> user::rwx
> group::r-x
> group:test:rwx
> mask::rwx
> other::---
> 
> 
> When executing as user test (with test as only group), on x86_64 I get
> EPERM on chdir(X) where X is any one of the 4 directories above.
> 
> On x86 I can chdir() into the directory without issue (as expected),
> and when in /tmp/test (or /tmp/btest) I get EPERM when trying to list
> contents - expected as well. Under subtest I can list content.
> 
> The same results are obtained on XFS filesystem.
> 
> Any idea what's wrong?

The issue was two entries in /etc/group for the same group name but with
two distinct GIDs :/
This explains why I could not reproduce on a different system!

Bruno
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ