Missing check for CAP_SYS_ADMIN before calling reconfigure_super()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi, there exists a check for CAP_SYS_ADMIN in do_remount(),
do_umount() and vfs_fsconfig_locked() before they finally call
reconfigure_super().

---------------------
// fs/namespace.c
static int do_umount(struct mount *mnt, int flags)
{
        ...
        if (!ns_capable(sb->s_user_ns, CAP_SYS_ADMIN))
            return -EPERM;
        return do_umount_root(sb);
        ...
}

static int do_umount_root(struct super_block *sb)
{
                ...
                ret = reconfigure_super(fc);
                ...
}
---------------------

However, for function do_emergency_remount_callback(), vfs_get_super()
and reconfigure_single() in fs/super.c, there is no such check for
CAP_SYS_ADMIN before calling reconfigure_super(), neither do their
callers.

Is this a missing check bug which may break the protection for superblock?

Thanks!

Best regards,
Tianyu
[Index of Archives]     [Linux Ext4 Filesystem]     [Union Filesystem]     [Filesystem Testing]     [Ceph Users]     [Ecryptfs]     [AutoFS]     [Kernel Newbies]     [Share Photos]     [Security]     [Netfilter]     [Bugtraq]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Linux Security]     [Linux Cachefs]     [Reiser Filesystem]     [Linux RAID]     [Samba]     [Device Mapper]     [CEPH Development]

  Powered by Linux