[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-Id: <20211109010807.1191567-18-sashal@kernel.org>
Date: Mon, 8 Nov 2021 20:07:52 -0500
From: Sasha Levin <sashal@...nel.org>
To: linux-kernel@...r.kernel.org, stable@...r.kernel.org
Cc: "Steven Rostedt (VMware)" <rostedt@...dmis.org>,
Sasha Levin <sashal@...nel.org>, mingo@...hat.com
Subject: [PATCH AUTOSEL 4.9 18/33] tracefs: Have tracefs directories not set OTH permission bits by default
From: "Steven Rostedt (VMware)" <rostedt@...dmis.org>
[ Upstream commit 49d67e445742bbcb03106b735b2ab39f6e5c56bc ]
The tracefs file system is by default mounted such that only root user can
access it. But there are legitimate reasons to create a group and allow
those added to the group to have access to tracing. By changing the
permissions of the tracefs mount point to allow access, it will allow
group access to the tracefs directory.
There should not be any real reason to allow all access to the tracefs
directory as it contains sensitive information. Have the default
permission of directories being created not have any OTH (other) bits set,
such that an admin that wants to give permission to a group has to first
disable all OTH bits in the file system.
Link: https://lkml.kernel.org/r/20210818153038.664127804@goodmis.org
Signed-off-by: Steven Rostedt (VMware) <rostedt@...dmis.org>
Signed-off-by: Sasha Levin <sashal@...nel.org>
---
fs/tracefs/inode.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/fs/tracefs/inode.c b/fs/tracefs/inode.c
index 21d36d2847356..985cccfcedad9 100644
--- a/fs/tracefs/inode.c
+++ b/fs/tracefs/inode.c
@@ -429,7 +429,8 @@ static struct dentry *__create_dir(const char *name, struct dentry *parent,
if (unlikely(!inode))
return failed_creating(dentry);
- inode->i_mode = S_IFDIR | S_IRWXU | S_IRUGO | S_IXUGO;
+ /* Do not set bits for OTH */
+ inode->i_mode = S_IFDIR | S_IRWXU | S_IRUSR| S_IRGRP | S_IXUSR | S_IXGRP;
inode->i_op = ops;
inode->i_fop = &simple_dir_operations;
--
2.33.0
Powered by blists - more mailing lists