| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-Id: <1459660924-2960-12-git-send-email-ebiggers3@gmail.com>
Date: Sun, 3 Apr 2016 00:22:02 -0500
From: Eric Biggers <ebiggers3@...il.com>
To: linux-fsdevel@...r.kernel.org
Cc: linux-f2fs-devel@...ts.sourceforge.net, linux-ext4@...r.kernel.org,
linux-kernel@...r.kernel.org, jaegeuk@...nel.org, tytso@....edu,
mhalcrow@...gle.com, Eric Biggers <ebiggers3@...il.com>
Subject: [PATCH 11/13] fscrypto: restrict setting encryption policy to inode owner
On a filesystem with encryption enabled, a user could set an encryption
policy on any empty directory to which they have readonly access. This
is a potential security issue since such a directory might be owned by
another user, and the new encryption policy may prevent that user from
creating files in their own directory.
Fix this by requiring inode_owner_or_capable() permission to set an
encryption policy.
Signed-off-by: Eric Biggers <ebiggers3@...il.com>
---
fs/crypto/policy.c | 3 +++
1 file changed, 3 insertions(+)
diff --git a/fs/crypto/policy.c b/fs/crypto/policy.c
index cb5ba27..3f5c275 100644
--- a/fs/crypto/policy.c
+++ b/fs/crypto/policy.c
@@ -96,6 +96,9 @@ int fscrypt_set_policy(struct inode *inode, const struct fscrypt_policy *policy)
{
int ret = 0;
+ if (!inode_owner_or_capable(inode))
+ return -EACCES;
+
if (policy->version != 0)
return -EINVAL;
--
2.7.4
Powered by blists - more mailing lists