Re: [PATCH 9/9] sysfs: disallow world-writable files.

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Gobinda Maji <gobinda.cemk07@xxxxxxxxx> writes:
> Hi Rusty,

Hi Gobinda,

> I have a small doubt about the permission restriction (User perms >=
> group perms >= other perms) in VERIFY_OCTAL_PERMISSIONS(). Please Note
> that permission field of User, Group or Other consists of three bits.
> LSB is EXECUTE permission, MSB is READ permission and the middle bit
> is WRITE permission. Say for example, permission value is "0431". Here
> User has only READ permission whereas Group has both WRITE and EXECUTE
> permission and Other has EXECUTE permission. I guess, it is not good
> to give Group the WRITE permission whereas User itself has no WRITE
> permission.

You're absolutely right, well spotted!  The checks can be tightened.  We
don't really care about execute, but logically write is "more
privileged" than read.

Best to separate the tests; OTHER_WRITABLE <= GROUP_WRITABLE <= OWNER_WRITABLE
and OTHER_READABLE <= GROUP_READABLE <= OWNER_READABLE.

A patch would be welcome!

Thanks,
Rusty.
--
To unsubscribe from this list: send the line "unsubscribe linux-next" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html




[Index of Archives]     [Linux Kernel]     [Linux USB Development]     [Yosemite News]     [Linux SCSI]

  Powered by Linux