Honza,
2016-05-26 17:02 GMT+02:00 Jan Kara <jack@xxxxxxx>:
> When file permissions are modified via chmod(2) and the user modifying the
> permissions is not capable of setting SGID bit for the file, the bit gets
> cleared in inode_change_ok(). However this is not the case when file
> permissions get modified via setfacl(1).
this looks like a bug we need to fix, but the two patches are horrible.
How about introducing the following helper in fs/posix_acl.c instead?
int posix_acl_update_mode(struct inode *inode, struct posix_acl **acl)
{
int error;
error = posix_acl_equiv_mode(*acl, &inode->i_mode);
if (error < 0)
return error;
if (error == 0)
*acl = NULL;
if (!in_group_p(inode->i_gid) &&
!capable_wrt_inode_uidgid(inode, CAP_FSETID))
inode->i_mode &= ~S_ISGID;
return 0;
}
Once all filesystems use that, posix_acl_equiv_mode can be made static.
Thanks,
Andreas
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
