On Saturday 10 February 2007 01:46, akpm@xxxxxxxxxxxxxxxxxxxx wrote: > From: Hugh Dickins <hugh@xxxxxxxxxxx> > > Fix insecure default behaviour reported by Tigran Aivazian: if an ext2 or > ext3 or ext4 filesystem is tuned to mount with "acl", but mounted by a > kernel built without ACL support, then umask was ignored when creating > inodes - though root or user has umask 022, touch creates files as 0666, > and mkdir creates directories as 0777. > > This appears to have worked right until 2.6.11, when a fix to the default > mode on symlinks (always 0777) assumed VFS applies umask: which it does, > unless the mount is marked for ACLs; but ext[234] set MS_POSIXACL in > s_flags according to s_mount_opt set according to def_mount_opts. > > We could revert to the 2.6.10 ext[234]_init_acl (adding an S_ISLNK test); > but other filesystems only set MS_POSIXACL when ACLs are configured. We > could fix this at another level; but it seems most robust to avoid setting > the s_mount_opt flag in the first place (at the expense of more ifdefs). > > Likewise don't set the XATTR_USER flag when built without XATTR support. > > Signed-off-by: Hugh Dickins <hugh@xxxxxxxxxxx> > Cc: Tigran Aivazian <tigran@xxxxxxxxxxxxxxxxxxxx> > Cc: <linux-ext4@xxxxxxxxxxxxxxx> > Cc: Andreas Gruenbacher <agruen@xxxxxxx> > Signed-off-by: Andrew Morton <akpm@xxxxxxxxxxxxxxxxxxxx> Ack -- and thanks for this fix! Andreas - To unsubscribe from this list: send the line "unsubscribe linux-ext4" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
