From: Al Viro <viro@ftp.linux.org.uk>
To: Satyam Sharma <ssatyam@cse.iitk.ac.in>
Cc: Linus Torvalds <torvalds@linux-foundation.org>,
Linux Kernel Mailing List <linux-kernel@vger.kernel.org>,
Ulrich Drepper <drepper@redhat.com>
Subject: Re: [PATCH] utime(s): Honour CAP_FOWNER when times==NULL
Date: Mon, 16 Jul 2007 21:45:23 +0100 [thread overview]
Message-ID: <20070716204523.GJ21668@ftp.linux.org.uk> (raw)
In-Reply-To: <Pine.LNX.4.64.0707170054100.2005@cselinux1.cse.iitk.ac.in>
On Tue, Jul 17, 2007 at 01:00:42AM +0530, Satyam Sharma wrote:
> > if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER))
> >
> > test is a rather common test, and in fact, arguably, every time you see
> > one part of it, you should probably see the other. Would it make sense to
> > make a helper inline function to do this, and replace all users? Doing a
> >
> > git grep 'fsuid.*\<i_uid\>'
> >
> > seems to show quite a few cases of this pattern..
>
> Yes, I thought of writing a helper function for this myself. The semantics
> of CAP_FOWNER sort of justify that, but probably better to get Al's views
> on this first.
Helper makes sense (and most of these places will become its call), but...
E.g. IIRC the change of UID requires CAP_CHOWN; CAP_FOWNER is not enough.
Ditto for change of GID. setlease() is using CAP_LEASE and that appears
to be intentional (no idea what relevant standards say here)...
I'd suggest converting the obvious cases with new helper and taking the
rest one-by-one after that. Some of those might want CAP_FOWNER added,
some not...
next prev parent reply other threads:[~2007-07-16 20:45 UTC|newest]
Thread overview: 9+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <20070716185423.1607.78787.sendpatchset@cselinux1.cse.iitk.ac.i n>
2007-07-16 18:54 ` [PATCH] utime(s): Honour CAP_FOWNER when times==NULL Satyam Sharma
2007-07-16 18:47 ` Linus Torvalds
2007-07-16 19:30 ` Satyam Sharma
2007-07-16 20:45 ` Al Viro [this message]
2007-07-16 21:46 ` Satyam Sharma
2007-07-16 21:54 ` Satyam Sharma
2007-07-16 23:18 ` Al Viro
2007-07-16 23:50 ` Satyam Sharma
2007-07-17 9:22 ` Satyam Sharma
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20070716204523.GJ21668@ftp.linux.org.uk \
--to=viro@ftp.linux.org.uk \
--cc=drepper@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=ssatyam@cse.iitk.ac.in \
--cc=torvalds@linux-foundation.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.