lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAH7=fosGV3AOcU9tG0AK3EJ2yTXZL3KGfsuVUA5gMBjC4Nn-WQ@mail.gmail.com>
Date:   Tue, 21 Apr 2020 16:21:52 +0530
From:   Chakra Divi <chakragithub@...il.com>
To:     Miklos Szeredi <miklos@...redi.hu>
Cc:     linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: Re: [PATCH] fuse:rely on fuse_perm for exec when no mode bits set

On Mon, Apr 20, 2020 at 4:55 PM Miklos Szeredi <miklos@...redi.hu> wrote:
>
> On Wed, Apr 1, 2020 at 11:31 AM Chakra Divi <chakragithub@...il.com> wrote:
> >
> > In current code, for exec we are checking mode bits
> > for x bit set even though the fuse_perm_getattr returns
> > success. Changes in this patch avoids mode bit explicit
> > check, leaves the exec checking to fuse file system
> > in uspace.
>
> Why is this needed?

Thanks for responding Miklos. We have an use case with our remote file
system mounted on fuse , where permissions checks will happen remotely
without the need of mode bits. In case of read, write it worked
without issues. But for executable files, we found that fuse kernel is
explicitly checking 'x' mode bit set on the file. We want this
checking also to be pushed to remote instead of kernel doing it - so
modified the kernel code to send getattr op to usespace in exec case
too.

> Thanks,
> Miklos

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ