Hi Miklos, > 2) I've found yet another divergence from the spec -- but this > was in the original implementation, rather than being > something that has been introduced. In do_futimes() there is > > if (!times && !(file->f_mode & FMODE_WRITE)) > write_error = -EACCES; > > However, the check here should not be against the f_mode (file access > mode), but the against actual permission of the file referred to by > the underlying descriptor. This means that for the do_futimes() + > times==NULL case, a set-user-ID root program could open a file > descriptor O_RDWR/O_WRONLY for which the real UID does not have write > access, and then even after reverting the the effective UID, the real > user could still update file. > > I'm not sure of the correct way to get the required nameidata (to do a > vfs_permission() call) from the file descriptor. Can you give me a > tip there? Could you point me at the right way of doing this? Cheers, Michael -- To unsubscribe from this list: send the line "unsubscribe linux-man" in the body of a message to majordomo@xxxxxxxxxxxxxxx More majordomo info at http://vger.kernel.org/majordomo-info.html
