Re: [PATCH v4 2/5] fs: Add fchmodat2()

Date Prev

Date Next

Thread Prev

Thread Next

Date Index

Thread Index

To: David Laight <David.Laight@xxxxxxxxxx>

Subject: Re: [PATCH v4 2/5] fs: Add fchmodat2()

From: "dalias@xxxxxxxx" <dalias@xxxxxxxx>

Date: Thu, 27 Jul 2023 12:31:04 -0400

Cc: "'Aleksa Sarai'" <cyphar@xxxxxxxxxx>, Alexey Gladkov <legion@xxxxxxxxxx>, LKML <linux-kernel@xxxxxxxxxxxxxxx>, Arnd Bergmann <arnd@xxxxxxxx>, "linux-api@xxxxxxxxxxxxxxx" <linux-api@xxxxxxxxxxxxxxx>, "linux-fsdevel@xxxxxxxxxxxxxxx" <linux-fsdevel@xxxxxxxxxxxxxxx>, "viro@xxxxxxxxxxxxxxxxxx" <viro@xxxxxxxxxxxxxxxxxx>, "James.Bottomley@xxxxxxxxxxxxxxxxxxxxx" <James.Bottomley@xxxxxxxxxxxxxxxxxxxxx>, "acme@xxxxxxxxxx" <acme@xxxxxxxxxx>, "alexander.shishkin@xxxxxxxxxxxxxxx" <alexander.shishkin@xxxxxxxxxxxxxxx>, "axboe@xxxxxxxxx" <axboe@xxxxxxxxx>, "benh@xxxxxxxxxxxxxxxxxxx" <benh@xxxxxxxxxxxxxxxxxxx>, "borntraeger@xxxxxxxxxx" <borntraeger@xxxxxxxxxx>, "bp@xxxxxxxxx" <bp@xxxxxxxxx>, "catalin.marinas@xxxxxxx" <catalin.marinas@xxxxxxx>, "christian@xxxxxxxxxx" <christian@xxxxxxxxxx>, "davem@xxxxxxxxxxxxx" <davem@xxxxxxxxxxxxx>, "deepa.kernel@xxxxxxxxx" <deepa.kernel@xxxxxxxxx>, "deller@xxxxxx" <deller@xxxxxx>, "dhowells@xxxxxxxxxx" <dhowells@xxxxxxxxxx>, "fenghua.yu@xxxxxxxxx" <fenghua.yu@xxxxxxxxx>, "fweimer@xxxxxxxxxx" <fweimer@xxxxxxxxxx>, "geert@xxxxxxxxxxxxxx" <geert@xxxxxxxxxxxxxx>, "glebfm@xxxxxxxxxxxx" <glebfm@xxxxxxxxxxxx>, "gor@xxxxxxxxxxxxx" <gor@xxxxxxxxxxxxx>, "hare@xxxxxxxx" <hare@xxxxxxxx>, "hpa@xxxxxxxxx" <hpa@xxxxxxxxx>, "ink@xxxxxxxxxxxxxxxxxxxx" <ink@xxxxxxxxxxxxxxxxxxxx>, "jhogan@xxxxxxxxxx" <jhogan@xxxxxxxxxx>, "kim.phillips@xxxxxxx" <kim.phillips@xxxxxxx>, "ldv@xxxxxxxxxxxx" <ldv@xxxxxxxxxxxx>, "linux-alpha@xxxxxxxxxxxxxxx" <linux-alpha@xxxxxxxxxxxxxxx>, "linux-arch@xxxxxxxxxxxxxxx" <linux-arch@xxxxxxxxxxxxxxx>, "linux-ia64@xxxxxxxxxxxxxxx" <linux-ia64@xxxxxxxxxxxxxxx>, "linux-m68k@xxxxxxxxxxxxxxxxxxxx" <linux-m68k@xxxxxxxxxxxxxxx>, "linux-mips@xxxxxxxxxxxxxxx" <linux-mips@xxxxxxxxxxxxxxx>, "linux-parisc@xxxxxxxxxxxxxxx" <linux-parisc@xxxxxxxxxxxxxxx>, "linux-s390@xxxxxxxxxxxxxxx" <linux-s390@xxxxxxxxxxxxxxx>, "linux-sh@xxxxxxxxxxxxxxx" <linux-sh@xxxxxxxxxxxxxxx>, "linux@xxxxxxxxxxxxxxx" <linux@xxxxxxxxxxxxxxx>, "linuxppc-dev@xxxxxxxxxxxxxxxx" <linuxppc-dev@xxxxxxxxxxxxxxxx>, "luto@xxxxxxxxxx" <luto@xxxxxxxxxx>, "mattst88@xxxxxxxxx" <mattst88@xxxxxxxxx>, "mingo@xxxxxxxxxx" <mingo@xxxxxxxxxx>, "monstr@xxxxxxxxx" <monstr@xxxxxxxxx>, "mpe@xxxxxxxxxxxxxx" <mpe@xxxxxxxxxxxxxx>, "namhyung@xxxxxxxxxx" <namhyung@xxxxxxxxxx>, "paulus@xxxxxxxxx" <paulus@xxxxxxxxx>, "peterz@xxxxxxxxxxxxx" <peterz@xxxxxxxxxxxxx>, "ralf@xxxxxxxxxxxxxx" <ralf@xxxxxxxxxxxxxx>, "sparclinux@xxxxxxxxxxxxxxx" <sparclinux@xxxxxxxxxxxxxxx>, "stefan@xxxxxxxx" <stefan@xxxxxxxx>, "tglx@xxxxxxxxxxxxx" <tglx@xxxxxxxxxxxxx>, "tony.luck@xxxxxxxxx" <tony.luck@xxxxxxxxx>, "tycho@xxxxxxxx" <tycho@xxxxxxxx>, "will@xxxxxxxxxx" <will@xxxxxxxxxx>, "x86@xxxxxxxxxx" <x86@xxxxxxxxxx>, "ysato@xxxxxxxxxxxxxxxxxxxx" <ysato@xxxxxxxxxxxxx>, Palmer Dabbelt <palmer@xxxxxxxxxx>

In-reply-to: <d052e1266bf042f9b4961bbf42261a55@AcuMS.aculab.com>

User-agent: Mutt/1.5.21 (2010-09-15)

On Thu, Jul 27, 2023 at 09:01:06AM +0000, David Laight wrote:
> From: Aleksa Sarai
> > Sent: 25 July 2023 17:36
> ....
> > We almost certainly want to support AT_EMPTY_PATH at the same time.
> > Otherwise userspace will still need to go through /proc when trying to
> > chmod a file handle they have.
> 
> That can't be allowed.
> 
> Just because a process has a file open and write access to
> the directory that contains it doesn't mean they are allowed
> to change the file permissions.
> 
> They also need directory search access from a directory
> they have open through to the containing directory.

Am I missing something? How is this different from fchmod?

Rich