On Tue, Aug 04, 2009 at 10:55:35PM +0200, Ondrej Palkovsky wrote:
> /*
> * access() needs to use the real uid/gid, not the effective uid/gid.
> * We do this by temporarily clearing all FS-related capabilities and
> * switching the fsuid/fsgid around to the real ones.
> */
>
> The resulting behaviour (2.6.18, 2.6.28, source code for 2.6.30 seems to
> be the same) seems to be that access() is dependent on uid, not fsuid -
> this seems to me to be a bug, which unfortunately somewhat inhibits
> multithreaded file servers that want to use access() e.g. for ACL
> checks. Is there some reason why it is implemented the way it is as it
> looks like an intention?
Unfortunately, POSIX specifies that we have to do it that way:
The access() function shall check the file named by the pathname
pointed to by the path argument for accessibility according to the
bit pattern contained in amode, using the real user ID in place of
the effective user ID and the real group ID in place of the effective
group ID.
(http://www.opengroup.org/onlinepubs/000095399/functions/access.html)
Why does this fileserver want to use access()? WHy not just open the
file and report the error if one happens?
--
Matthew Wilcox Intel Open Source Technology Centre
"Bill, look, we understand that you're interested in selling us this
operating system, but compare it to ours. We can't possibly take such
a retrograde step."
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
