lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
Open Source and information security mailing list archives
| ||
|
Date: Wed, 23 Sep 2015 03:24:29 +0200 From: Andreas Gruenbacher <agruenba@...hat.com> To: "J. Bruce Fields" <bfields@...ldses.org> Cc: LKML <linux-kernel@...r.kernel.org>, linux-fsdevel <linux-fsdevel@...r.kernel.org>, linux-nfs@...r.kernel.org, linux-api@...r.kernel.org, linux-cifs@...r.kernel.org, linux-security-module@...r.kernel.org, Andreas Gruenbacher <agruen@...nel.org> Subject: Re: [RFC v7 22/41] richacl: Propagate everyone@ permissions to other aces 2015-09-21 21:24 GMT+02:00 J. Bruce Fields <bfields@...ldses.org>: > On Fri, Sep 18, 2015 at 05:56:11PM -0400, bfields wrote: >> On Sat, Sep 05, 2015 at 12:27:17PM +0200, Andreas Gruenbacher wrote: >> > + /* >> > + * If the owner mask contains permissions which are not in the group >> > + * mask, the group mask contains permissions which are not in the other >> > + * mask, or the owner class contains permissions which are not in the >> >> s/owner class/owner mask? >> >> > + * other mask, we may need to propagate permissions up from the >> > + * everyone@ allow ace. The third condition is implied by the first >> > + * two. >> > + */ >> > + if (!((acl->a_owner_mask & ~acl->a_group_mask) || >> > + (acl->a_group_mask & ~acl->a_other_mask))) >> > + return 0; >> >> The code looks right, but I don't understand the preceding comment. >> >> For example, >> >> owner mask: rw >> group mask: wx >> other mask: rw >> >> satisfies the first two conditions, but not the third. >> >> Also, I don't understand why the first condition would imply that we >> might need to propagate permissions. > > OK, maybe I get the part about the owner mask containing permissions > not in the group mask: we'll need to insert a deny ace for the bits in > the other mask but not in the group mask, and then we'll need an allow > ace for the owner to get those bits back. I think? That is indeed the reason, and it also seems clear that this wasn't documented well enough. Let me remove the offending comment and tiny optimization, and add better comments instead. >> > + if (richace_is_allow(ace) || richace_is_deny(ace)) { > > The v4 spec allows aces other than allow and deny aces (audit and > alarm), but I didn't think you were implementing those. Right, I don't see that happening. I'll remove that as well. Thanks, Andreas -- To unsubscribe from this list: send the line "unsubscribe linux-kernel" in the body of a message to majordomo@...r.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html Please read the FAQ at http://www.tux.org/lkml/
Powered by blists - more mailing lists