| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Mon, 20 May 2019 21:25:49 +0100
From: Nikolaus Rath <Nikolaus@...h.org>
To: Miklos Szeredi <miklos@...redi.hu>
Cc: Vivek Goyal <vgoyal@...hat.com>, linux-fsdevel@...r.kernel.org,
linux-kernel@...r.kernel.org, kvm@...r.kernel.org,
linux-nvdimm@...ts.01.org, stefanha@...hat.com,
dgilbert@...hat.com, swhiteho@...hat.com
Subject: Re: [PATCH v2 02/30] fuse: Clear setuid bit even in cache=never path
On May 20 2019, Miklos Szeredi <miklos@...redi.hu> wrote:
> On Mon, May 20, 2019 at 04:41:37PM +0200, Miklos Szeredi wrote:
>> On Wed, May 15, 2019 at 03:26:47PM -0400, Vivek Goyal wrote:
>> > If fuse daemon is started with cache=never, fuse falls back to direct IO.
>> > In that write path we don't call file_remove_privs() and that means setuid
>> > bit is not cleared if unpriviliged user writes to a file with setuid bit set.
>> >
>> > pjdfstest chmod test 12.t tests this and fails.
>>
>> I think better sulution is to tell the server if the suid bit needs to be
>> removed, so it can do so in a race free way.
>>
>> Here's the kernel patch, and I'll reply with the libfuse patch.
>
> Here are the patches for libfuse and passthrough_ll.
Could you also submit them as pull requests at https://github.com/libfuse/libfuse/pulls?
Best,
-Nikolaus
--
GPG Fingerprint: ED31 791B 2C5C 1613 AF38 8B8A D113 FCAC 3C4E 599F
»Time flies like an arrow, fruit flies like a Banana.«
Powered by blists - more mailing lists