From: Trond Myklebust <trond.myklebust@fys.uio.no>
To: Miklos Szeredi <miklos@szeredi.hu>
Cc: linux-fsdevel@vger.kernel.org, hch@infradead.org,
viro@ZenIV.linux.org.uk, linux-kernel@vger.kernel.org
Subject: Re: [patch 11/14] vfs: move executable checking into ->permission()
Date: Wed, 21 May 2008 14:16:33 -0400 [thread overview]
Message-ID: <1211393793.7486.15.camel@localhost> (raw)
In-Reply-To: <20080521171557.399850407@szeredi.hu>
On Wed, 2008-05-21 at 19:15 +0200, Miklos Szeredi wrote:
> +/**
> + * exec_permission - check for general execute permission on file
> + * @inode: inode to check access rights for
> + * @mask: right to check for
> + *
> + * Exec permission on a regular file is denied if none of the execute
> + * bits are set.
> + *
> + * This needs to be called by filesystems which define a
> + * ->permission() method, and don't call generic_permission().
> + */
> +int exec_permission(struct inode *inode, int mask)
> +{
> + if ((mask & MAY_EXEC) && S_ISREG(inode->i_mode) &&
> + !(inode->i_mode & S_IXUGO))
> + return -EACCES;
> +
> + return 0;
> +}
Hmm... What if !(mask & MAY_EXEC)? AFAICS, the above will return 0.
A better approach would be to use something like
if (!(mask & MAY_EXEC))
return -EACCES;
if (S_ISREG(inode->i_mode) && !(inode->i_mode & S_IXUGO))
return -EACCES;
return 0;
next prev parent reply other threads:[~2008-05-21 18:16 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2008-05-21 17:14 [patch 00/14] vfs: permission API cleanup Miklos Szeredi
2008-05-21 17:14 ` [patch 01/14] vfs: add path_getxattr() Miklos Szeredi
2008-05-21 17:15 ` [patch 02/14] vfs: add path_listxattr() Miklos Szeredi
2008-05-21 17:15 ` [patch 03/14] hppfs: remove hppfs_permission Miklos Szeredi
2008-05-23 9:17 ` Christoph Hellwig
2008-05-21 17:15 ` [patch 04/14] gfs2: dont call permission() Miklos Szeredi
2008-05-23 9:12 ` Steven Whitehouse
2008-05-23 9:30 ` Miklos Szeredi
2008-05-23 9:32 ` Christoph Hellwig
2008-05-23 9:18 ` Christoph Hellwig
2008-05-23 9:48 ` Miklos Szeredi
2008-05-23 10:00 ` Miklos Szeredi
2008-05-25 19:24 ` Christoph Hellwig
2008-05-23 10:18 ` Steven Whitehouse
2008-05-23 11:01 ` Miklos Szeredi
2008-05-25 19:23 ` Christoph Hellwig
2008-05-21 17:15 ` [patch 05/14] hpfs: " Miklos Szeredi
2008-05-23 9:20 ` Christoph Hellwig
2008-05-21 17:15 ` [patch 06/14] hfsplus: remove hfsplus_permission() Miklos Szeredi
2008-05-21 20:35 ` Roman Zippel
2008-05-22 7:58 ` Miklos Szeredi
2008-05-22 12:02 ` Roman Zippel
2008-05-22 12:17 ` Miklos Szeredi
2008-05-22 12:28 ` Roman Zippel
2008-05-22 12:37 ` Miklos Szeredi
2008-05-23 9:21 ` Christoph Hellwig
2008-05-23 15:18 ` Roman Zippel
2008-05-23 15:31 ` Miklos Szeredi
2008-05-23 15:49 ` Miklos Szeredi
2008-05-23 16:30 ` Roman Zippel
2008-05-23 18:02 ` Miklos Szeredi
2008-05-23 18:33 ` Roman Zippel
2008-05-23 19:05 ` Miklos Szeredi
2008-05-23 21:52 ` Roman Zippel
2008-05-24 6:59 ` Miklos Szeredi
2008-05-23 15:11 ` Roman Zippel
2008-05-21 17:15 ` [patch 07/14] vfs: pass dentry to permission() Miklos Szeredi
2008-05-21 20:29 ` Al Viro
2008-05-22 7:00 ` Miklos Szeredi
2008-05-22 7:12 ` Miklos Szeredi
2008-05-21 17:15 ` [patch 08/14] vfs: cleanup i_op->permission() Miklos Szeredi
2008-05-21 17:15 ` [patch 09/14] security: dont pass nameidata to security_inode_permission() Miklos Szeredi
2008-05-21 22:52 ` James Morris
2008-05-21 17:15 ` [patch 10/14] vfs: pass flags to dentry_permission() Miklos Szeredi
2008-05-21 17:15 ` [patch 11/14] vfs: move executable checking into ->permission() Miklos Szeredi
2008-05-21 18:16 ` Trond Myklebust [this message]
2008-05-21 19:09 ` Miklos Szeredi
2008-05-21 19:26 ` Trond Myklebust
2008-05-21 19:34 ` Miklos Szeredi
2008-05-23 9:26 ` Christoph Hellwig
2008-05-23 9:52 ` Miklos Szeredi
2008-05-21 17:15 ` [patch 12/14] vfs: create path_permission() Miklos Szeredi
2008-05-21 17:15 ` [patch 13/14] vfs: dont use dentry_permission() Miklos Szeredi
2008-05-21 17:15 ` [patch 14/14] vfs: path_permission() clean up flags Miklos Szeredi
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1211393793.7486.15.camel@localhost \
--to=trond.myklebust@fys.uio.no \
--cc=hch@infradead.org \
--cc=linux-fsdevel@vger.kernel.org \
--cc=linux-kernel@vger.kernel.org \
--cc=miklos@szeredi.hu \
--cc=viro@ZenIV.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.