On Thu, 8 May 2008, Christoph Hellwig wrote: > On Tue, May 06, 2008 at 11:13:34AM +0200, Miklos Szeredi wrote: > > From: Miklos Szeredi <mszeredi@xxxxxxx> > > > > The FAT_IOCTL_SET_ATTRIBUTES ioctl() calls notify_change() to change > > the file mode before changing the inode attributes. Replace with > > explicit call to fat_setattr(). > > > > This is equivalent, except that security_inode_setattr() is not called > > before fat_setattr(). I think this is not needed, since the mode > > change is just a side effect of the attribute change. > > Actually I think we want the security_inode_setattr. This is an > implicit chmode when switching the ATTR_RO flag on and off and we should > have the full security check for it. Then again I'm not sure the > security modules care about this level of detail because there's > probably even worse ioctl hidden somewhere. > > Ccing the Selinux guys and Casey in case they care. > I don't know of any situation where we'd have policy differentating the ioctl check from setattr for FAT (or any filesystem). - James -- James Morris <jmorris@xxxxxxxxx> -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
