Revision 999653786df6954a31044528ac3f7a5dadca08f4 authored by Ben Hutchings on 22 June 2016, 18:43:35 UTC, committed by J. Bruce Fields on 24 June 2016, 16:11:52 UTC
Use set_posix_acl, which includes proper permission checks, instead of calling ->set_acl directly. Without this anyone may be able to grant themselves permissions to a file by setting the ACL. Lock the inode to make the new checks atomic with respect to set_acl. (Also, nfsd was the only caller of set_acl not locking the inode, so I suspect this may fix other races.) This also simplifies the code, and ensures our ACLs are checked by posix_acl_valid. The permission checks and the inode locking were lost with commit 4ac7249e, which changed nfsd to use the set_acl inode operation directly instead of going through xattr handlers. Reported-by: David Sinquin <david@sinquin.eu> [agreunba@redhat.com: use set_posix_acl] Fixes: 4ac7249e Cc: Christoph Hellwig <hch@infradead.org> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: stable@vger.kernel.org Signed-off-by: J. Bruce Fields <bfields@redhat.com>
1 parent 485e71e
File | Mode | Size |
---|---|---|
Documentation | ||
arch | ||
block | ||
certs | ||
crypto | ||
drivers | ||
firmware | ||
fs | ||
include | ||
init | ||
ipc | ||
kernel | ||
lib | ||
mm | ||
net | ||
samples | ||
scripts | ||
security | ||
sound | ||
tools | ||
usr | ||
virt | ||
.get_maintainer.ignore | -rw-r--r-- | 31 bytes |
.gitignore | -rw-r--r-- | 1.2 KB |
.mailmap | -rw-r--r-- | 5.8 KB |
COPYING | -rw-r--r-- | 18.3 KB |
CREDITS | -rw-r--r-- | 95.5 KB |
Kbuild | -rw-r--r-- | 2.8 KB |
Kconfig | -rw-r--r-- | 252 bytes |
MAINTAINERS | -rw-r--r-- | 352.7 KB |
Makefile | -rw-r--r-- | 56.0 KB |
README | -rw-r--r-- | 18.1 KB |
REPORTING-BUGS | -rw-r--r-- | 7.3 KB |
Computing file changes ...