Message-ID: <34c16477b199483089586d86a0e9edd9@paragon-software.com>
Date:   Fri, 18 Sep 2020 16:39:28 +0000
From:   Konstantin Komarov <almaz.alexandrovich@...agon-software.com>
To:     Mark Harmstone <mark@...mstone.com>,
        "linux-fsdevel@...r.kernel.org" <linux-fsdevel@...r.kernel.org>
CC:     "viro@...iv.linux.org.uk" <viro@...iv.linux.org.uk>,
        "linux-kernel@...r.kernel.org" <linux-kernel@...r.kernel.org>,
        "pali@...nel.org" <pali@...nel.org>,
        "dsterba@...e.cz" <dsterba@...e.cz>,
        "aaptel@...e.com" <aaptel@...e.com>,
        "willy@...radead.org" <willy@...radead.org>,
        "rdunlap@...radead.org" <rdunlap@...radead.org>,
        "joe@...ches.com" <joe@...ches.com>,
        "nborisov@...e.com" <nborisov@...e.com>
Subject: RE: [PATCH v5 02/10] fs/ntfs3: Add initialization of super block

From: Mark Harmstone <mark.harmstone@...il.com> On Behalf Of Mark Harmstone
Sent: Friday, September 11, 2020 7:19 PM
> Subject: Re: [PATCH v5 02/10] fs/ntfs3: Add initialization of super block
> 
> Am I right in that inodes will only ever be created with one of two security
> descriptors? This seems like a significant shortcoming - Windows doesn't have
> traverse checking turned on by default, which means a file created by Linux
> will be accessible to any user on Windows, provided they know its name.
> 
> There's documentation on how to compute a SD on MSDN, but it's not trivial:
> https://docs.microsoft.com/en-us/openspecs/windows_protocols/ms-dtyp/98267ad6-66db-4a2c-972e-efb7d4603da1
> 

Hi Mark! You are right. Also, in V6 the single default value will be used.
This implementation is not positioned as full specs implementation, however.
Please check out our V6, it has several adjustments on SDs inspired
by your feedback.

> On 11/9/20 3:10 pm, Konstantin Komarov wrote:
> > This adds initialization of super block
> >
> > Signed-off-by: Konstantin Komarov <almaz.alexandrovich@...agon-software.com>
> > ---
> >  fs/ntfs3/fsntfs.c | 2210 +++++++++++++++++++++++++++++++++++++
> >  fs/ntfs3/index.c  | 2639 +++++++++++++++++++++++++++++++++++++++++++++
> >  fs/ntfs3/inode.c  | 2004 ++++++++++++++++++++++++++++++++++
> >  fs/ntfs3/super.c  | 1430 ++++++++++++++++++++++++
> >  4 files changed, 8283 insertions(+)
> >  create mode 100644 fs/ntfs3/fsntfs.c
> >  create mode 100644 fs/ntfs3/index.c
> >  create mode 100644 fs/ntfs3/inode.c
> >  create mode 100644 fs/ntfs3/super.c
> >
> > diff --git a/fs/ntfs3/fsntfs.c b/fs/ntfs3/fsntfs.c
> > new file mode 100644
> > index 000000000000..3814b62331db
> > --- /dev/null
> > +++ b/fs/ntfs3/fsntfs.c
> > @@ -0,0 +1,2210 @@
> > +// SPDX-License-Identifier: GPL-2.0
> > +/*
> > + *  linux/fs/ntfs3/fsntfs.c
> > + *
> > + * Copyright (C) 2019-2020 Paragon Software GmbH, All rights reserved.
> > + *
> > + */
> > +
> > +#include <linux/blkdev.h>
> > +#include <linux/buffer_head.h>
> > +#include <linux/fs.h>
> > +#include <linux/nls.h>
> > +#include <linux/sched/signal.h>
> > +
> > +#include "debug.h"
[]
> > +	return err;
> > +}
> > +
> > +static void __exit exit_ntfs_fs(void)
> > +{
> > +	if (ntfs_inode_cachep) {
> > +		rcu_barrier();
> > +		kmem_cache_destroy(ntfs_inode_cachep);
> > +	}
> > +
> > +	unregister_filesystem(&ntfs_fs_type);
> > +}
> > +
> > +MODULE_LICENSE("GPL");
> > +MODULE_DESCRIPTION("ntfs3 filesystem");
> > +MODULE_AUTHOR("Konstantin Komarov");
> > +MODULE_ALIAS_FS("ntfs3");
> > +
> > +module_init(init_ntfs_fs) module_exit(exit_ntfs_fs)
> 
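
Review bot: in exit_ntfs_fs() the inode cache is destroyed before unregister_filesystem(&ntfs_fs_type) is called, so the filesystem type is still registered at the point where ntfs_inode_cachep has already gone away. Calling unregister_filesystem() first, then rcu_barrier() and kmem_cache_destroy(), removes that window and follows the usual teardown order. Separately, on the last line module_init(init_ntfs_fs) and module_exit(exit_ntfs_fs) share one line and carry no terminating semicolons; put each on its own line ending in ';'.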

Thanks.
