On Mon, Sep 19, 2016 at 05:42:48PM +0200, Jan Kara wrote: > When file permissions are modified via chmod(2) and the user is not in > the owning group or capable of CAP_FSETID, the setgid bit is cleared in > inode_change_ok(). Setting a POSIX ACL via setxattr(2) sets the file > permissions as well as the new ACL, but doesn't clear the setgid bit in > a similar way; this allows to bypass the check in chmod(2). Fix that. Looks good: Reviewed-by: Christoph Hellwig <hch@xxxxxx> (although I would have split it into a refactor patch and the actual fix for clearing the suid bit) -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
