| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Thu, 10 Nov 2022 20:37:44 +0800
From: Wang Boshi <wangboshi@...wei.com>
To: <viro@...iv.linux.org.uk>
CC: <linux-fsdevel@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: [PATCH] fs: Delete group check before ACL
Skipping full file ACL checks without no Group permissions causes we
can't deny access from specific users or groups which we ban according
ACL_USER, ACL_GROUP and ACL_MASK rules, because they may pass due to
Other permissions.
Example:
date > test_file
setfacl -m u:1000:rwx,g:2000:rwx,u::rwx,g::rwx,o::rwx,m::0 test_file
capsh --groups=1000 --gid=1000 --uid=1000 -- -c "cat test_file"
capsh --groups=2000 --gid=2000 --uid=2000 -- -c "cat test_file"
Signed-off-by: Wang Boshi <wangboshi@...wei.com>
---
fs/namei.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/fs/namei.c b/fs/namei.c
index 578c2110df02..d5772a31b5fc 100644
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -347,7 +347,7 @@ static int acl_permission_check(struct user_namespace *mnt_userns,
}
/* Do we have ACL's? */
- if (IS_POSIXACL(inode) && (mode & S_IRWXG)) {
+ if (IS_POSIXACL(inode)) {
int error = check_acl(mnt_userns, inode, mask);
if (error != -EAGAIN)
return error;
--
2.29.2
Powered by blists - more mailing lists