From: Ted Ts'o <tytso@mit.edu>
To: Al Viro <viro@ZenIV.linux.org.uk>,
	Andrew Morton <akpm@linux-foundation.org>,
	Djalal Harouni <tixxdz@opendz.org>,
	Hugh Dickins <hughd@google.com>,
	Minchan Kim <minchan.kim@gmail.com>,
	KAMEZAWA Hiroyuki <kamezawa.hiroyu@jp.fujitsu.com>,
	Wu Fengguang <fengguang.wu@intel.com>,
	linux-mm@kvack.org, linux-kernel@vger.kernel.org,
	"J. Bruce Fields" <bfields@fieldses.org>,
	Neil Brown <neilb@suse.de>,
	Mikulas Patocka <mikulas@artax.karlin.mff.cuni.cz>,
	Christoph Hellwig <hch@infradead.org>,
	linux-ext4@vger.kernel.org
Subject: Re: [PATCH] mm: add missing mutex lock arround notify_change
Date: Tue, 20 Dec 2011 17:45:58 -0500
Message-ID: <20111220224558.GA27615@thunk.org>
In-Reply-To: <20111220220901.GA1770@thunk.org>

I just took a closer look, and we don't need to take immediate action;
there is no security issue here where someone could modify a writable
suid file as I had originally feared.  It's not as obvious as it could
be because of how the code is broken up, but in mext_check_arguments()
in fs/ext4/move_extent.c, we return with an error if the donor file
has the SUID or SGID bit set, so we'll never actually end up calling
file_remove_suid().  So in fact the right patch is just to remove the
call to file_remove_suid() altogether.

						- Ted
