Re: [PATCH v5.14.y] fuse: verify {g,u}id mount options correctly

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



On 7/29/24 2:30 PM, Eric Sandeen wrote:
> commit 049584807f1d797fc3078b68035450a9769eb5c3 upstream.
> 
> As was done in
> 0200679fc795 ("tmpfs: verify {g,u}id mount options correctly")
> we need to validate that the requested uid and/or gid is representable in
> the filesystem's idmapping.
> 
> Cribbing from the above commit log,
> 
> The contract for {g,u}id mount options and {g,u}id values in general set
> from userspace has always been that they are translated according to the
> caller's idmapping. In so far, fuse has been doing the correct thing.
> But since fuse is mountable in unprivileged contexts it is also
> necessary to verify that the resulting {k,g}uid is representable in the
> namespace of the superblock.
> 
> Fixes: c30da2e981a7 ("fuse: convert to use the new mount API")
> Cc: stable@xxxxxxxxxxxxxxx # 5.4+
> Signed-off-by: Eric Sandeen <sandeen@xxxxxxxxxx>
> 
> ---
> 
> (compile-tested only)

Sorry, I lied, I compile-tested this patch with the dependency added.
Ignore this one, moving too quickly. :(

-Eric





[Index of Archives]     [Linux Kernel]     [Kernel Development Newbies]     [Linux USB Devel]     [Video for Linux]     [Linux Audio Users]     [Yosemite Hiking]     [Linux Kernel]     [Linux SCSI]

  Powered by Linux