| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20200916002253.GP3265@brightrain.aerifal.cx>
Date: Tue, 15 Sep 2020 20:22:54 -0400
From: Rich Felker <dalias@...c.org>
To: linux-api@...r.kernel.org
Cc: Alexander Viro <viro@...iv.linux.org.uk>,
Christoph Hellwig <hch@...radead.org>,
linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org
Subject: [PATCH v2 1/2] vfs: block chmod of symlinks
It was discovered while implementing userspace emulation of fchmodat
AT_SYMLINK_NOFOLLOW (using O_PATH and procfs magic symlinks; otherwise
it's not possible to target symlinks with chmod operations) that some
filesystems erroneously allow access mode of symlinks to be changed,
but return failure with EOPNOTSUPP (see glibc issue #14578 and commit
a492b1e5ef). This inconsistency is non-conforming and wrong, and the
consensus seems to be that it was unintentional to allow link modes to
be changed in the first place.
Signed-off-by: Rich Felker <dalias@...c.org>
---
fs/open.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/fs/open.c b/fs/open.c
index 9af548fb841b..cdb7964aaa6e 100644
--- a/fs/open.c
+++ b/fs/open.c
@@ -570,6 +570,12 @@ int chmod_common(const struct path *path, umode_t mode)
struct iattr newattrs;
int error;
+ /* Block chmod from getting to fs layer. Ideally the fs would either
+ * allow it or fail with EOPNOTSUPP, but some are buggy and return
+ * an error but change the mode, which is non-conforming and wrong. */
+ if (S_ISLNK(inode->i_mode))
+ return -EOPNOTSUPP;
+
error = mnt_want_write(path->mnt);
if (error)
return error;
--
2.21.0
Powered by blists - more mailing lists