Re: [PATCH v8 3/4] fs: move S_ISGID stripping into the vfs

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On Wed, Apr 27, 2022 at 11:22:01AM +0200, Christian Brauner wrote:

> +static inline umode_t vfs_prepare_mode(struct user_namespace *mnt_userns,
> +				       const struct inode *dir, umode_t mode,
> +				       umode_t mask_perms, umode_t type)
> +{
> +	/*
> +	 * S_ISGID stripping depends on the mode of the new file so make sure
> +	 * that the caller gives us this information and splat if we miss it.
> +	 */
> +	WARN_ON_ONCE((mode & S_IFMT) == 0);

<blink>

First of all, what happens if you call mknod("/tmp/blah", 0, 0)?  And the only
thing about type bits we care about is "is it a directory" - the sensitive
stuff is in the low 12 bits...  What is that check about?

> +	mode = mode_strip_sgid(mnt_userns, dir, mode);
> +	mode = mode_strip_umask(dir, mode);
> +
> +	/*
> +	 * Apply the vfs mandated allowed permission mask and set the type of
> +	 * file to be created before we call into the filesystem.
> +	 */
> +	mode &= (mask_perms & ~S_IFMT);
> +	mode |= (type & S_IFMT);
> +
> +	return mode;



[Index of Archives]     [CEPH Users]     [Ceph Large]     [Ceph Dev]     [Information on CEPH]     [Linux BTRFS]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite News]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux