On Tue, Oct 21, 2014 at 2:34 PM, Michael j Theall <mtheall@xxxxxxxxxx> wrote: > Andy Lutomirski <luto@xxxxxxxxxxxxxx> wrote on 10/21/2014 04:27:13 PM: >> But how does this help with FUSE at all? Does FUSE end up calling >> xattr_permission? >> >> --Andy >> > > The xattr system calls go through xattr_permission before it ever gets to > the FUSE ops. But a malicious FUSE filesystem can just put those xattrs there by fiat, the same way that my old FUSE-based sploit put a setuid root copy of bash in the filesystem. No setxattr calls are needed. --Andy -- To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
