| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <74f1eff1-570d-03b1-7a27-1ec343c5c3ab@redhat.com> Date: Mon, 21 Jun 2021 08:54:33 -0500 From: Connor Kuehl <ckuehl@...hat.com> To: Miklos Szeredi <miklos@...redi.hu> Cc: linux-fsdevel@...r.kernel.org, linux-kernel@...r.kernel.org Subject: Re: [PATCH] fuse: Send FUSE_WRITE_KILL_SUIDGID for killpriv v1 On 6/21/21 3:26 AM, Miklos Szeredi wrote: > On Fri, 23 Apr 2021 at 17:19, Connor Kuehl <ckuehl@...hat.com> wrote: >> >> FUSE doesn't seem to be adding the FUSE_WRITE_KILL_SUIDGID flag on write >> requests for FUSE connections that support FUSE_HANDLE_KILLPRIV but not >> FUSE_HANDLE_KILLPRIV_V2. >> >> However, the FUSE userspace header states: >> >> FUSE_HANDLE_KILLPRIV: fs handles killing suid/sgid/cap on >> write/chown/trunc >> ^^^^^ >> >> To improve backwards compatibility with file servers that don't support >> FUSE_HANDLE_KILLPRIV_V2, add the FUSE_WRITE_KILL_SUIDGID flag to write >> requests if FUSE_HANDLE_KILLPRIV has been negotiated -OR- if the >> conditions for FUSE_HANDLE_KILLPRIV_V2 support are met. > > > If server does not support FUSE_HANDLE_KILLPRIV_V2, then it does not > support FUSE_WRITE_KILL_SUIDGID either. The two were introduced > together and the latter is only meaningful if the > FUSE_HANDLE_KILLPRIV_V2 feature was negotiated. > > What am I missing? You're not missing anything, this patch is wrong. Let's nack this. Thanks! Connor
Powered by blists - more mailing lists