From: Li Xi <lixi@xxxxxxx> Setxattr does not check the permission when setting ACL xattrs. This will cause security problem because any user can walk around permission checking by changing ACL rules. Signed-off-by: Li Xi <lixi@xxxxxxx> Reviewed-on: http://review.whamcloud.com/9473 Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4704 Reviewed-by: Andreas Dilger <andreas.dilger@xxxxxxxxx> Reviewed-by: Bob Glossman <bob.glossman@xxxxxxxxx> Reviewed-by: John L. Hammond <john.hammond@xxxxxxxxx> Signed-off-by: Oleg Drokin <oleg.drokin@xxxxxxxxx> --- drivers/staging/lustre/lustre/llite/xattr.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/staging/lustre/lustre/llite/xattr.c b/drivers/staging/lustre/lustre/llite/xattr.c index b1ed4d9..67a1de4 100644 --- a/drivers/staging/lustre/lustre/llite/xattr.c +++ b/drivers/staging/lustre/lustre/llite/xattr.c @@ -124,6 +124,11 @@ int ll_setxattr_common(struct inode *inode, const char *name, if (rc) return rc; + if ((xattr_type == XATTR_ACL_ACCESS_T || + xattr_type == XATTR_ACL_DEFAULT_T) && + !inode_owner_or_capable(inode)) + return -EPERM; + /* b10667: ignore lustre special xattr for now */ if ((xattr_type == XATTR_TRUSTED_T && strcmp(name, "trusted.lov") == 0) || (xattr_type == XATTR_LUSTRE_T && strcmp(name, "lustre.lov") == 0)) -- 1.8.5.3 _______________________________________________ devel mailing list devel@xxxxxxxxxxxxxxxxxxxxxx http://driverdev.linuxdriverproject.org/mailman/listinfo/driverdev-devel
