Any user can display extended attribute names without read access. eg: attr -l <filename> This patch checks inode_permission in listxattr common function before executing vfs_listxattr. Signed-off-by: Fabian Frederick <fabf@xxxxxxxxx> --- fs/xattr.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/fs/xattr.c b/fs/xattr.c index 3377dff..d26b280 100644 --- a/fs/xattr.c +++ b/fs/xattr.c @@ -543,6 +543,10 @@ listxattr(struct dentry *d, char __user *list, size_t size) char *klist = NULL; char *vlist = NULL; /* If non-NULL, we used vmalloc() */ + error = inode_permission(d->d_inode, MAY_READ); + if (error) + return error; + if (size) { if (size > XATTR_LIST_MAX) size = XATTR_LIST_MAX; -- 1.8.1.4
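Review bot: The inode_permission(d->d_inode, MAY_READ) check added at the top of listxattr() covers only this helper, so any caller that reaches vfs_listxattr() directly still lists attribute names without it. If read permission is meant to gate name listing, consider placing the check inside vfs_listxattr() so every caller is covered, or say in the commit message why this helper is the right layer. Because the check sits before the "if (size)" branch, a size-0 length probe will also fail with the permission error; the commit message should state this user-visible change, since a caller without read access now gets an error where it previously got names or a length.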