From: Jan Kara <jack@suse.cz>
To: Linus Torvalds <torvalds@linux-foundation.org>
Cc: Jan Kara <jack@suse.cz>, Al Viro <viro@zeniv.linux.org.uk>,
stable <stable@vger.kernel.org>
Subject: Re: [PATCH] fs: Fix S_NOSEC handling
Date: Tue, 19 May 2015 10:36:15 +0200 [thread overview]
Message-ID: <20150519083615.GC12901@quack.suse.cz> (raw)
In-Reply-To: <CA+55aFy_p_uD-KbRWZ_MokEhnrdRrDEV3xAsk+U1L7EYFg6BxQ@mail.gmail.com>
On Mon 18-05-15 12:55:37, Linus Torvalds wrote:
> Going through old emails.
>
> This never went anywhere - Al?
No. Later it became part of a larger series
(http://oss.sgi.com/archives/xfs/2015-03/msg00051.html) but Al never got to
merging it.
> That said, the patch looks dubious. If nothing else, shouldn't it use
> the helper function we have, and do something like
>
> if (!error)
> inode_has_no_xattr(inode);
>
> instead?
Yeah, using inode_has_no_xattr() is a good idea. I wasn't aware of that
helper. I'll update the patch and resend.
Honza
> On Wed, Dec 3, 2014 at 2:01 PM, Jan Kara <jack@suse.cz> wrote:
> > file_remove_suid() could mistakenly set S_NOSEC inode bit when root was
> > modifying the file. As a result following writes to the file by ordinary
> > user would avoid clearing suid or sgid bits.
> >
> > Fix the bug by checking actual mode bits before setting S_NOSEC.
> >
> > CC: stable@vger.kernel.org
> > Signed-off-by: Jan Kara <jack@suse.cz>
> > ---
> > fs/inode.c | 3 ++-
> > 1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/fs/inode.c b/fs/inode.c
> > index 26753ba7b6d6..f5e01704a5c8 100644
> > --- a/fs/inode.c
> > +++ b/fs/inode.c
> > @@ -1631,7 +1631,8 @@ int file_remove_suid(struct file *file)
> > error = security_inode_killpriv(dentry);
> > if (!error && killsuid)
> > error = __remove_suid(dentry, killsuid);
> > - if (!error && (inode->i_sb->s_flags & MS_NOSEC))
> > + if (!error && (inode->i_sb->s_flags & MS_NOSEC) &&
> > + !is_sxid(inode->i_mode))
> > inode->i_flags |= S_NOSEC;
> >
> > return error;
> > --
> > 1.8.1.4
> >
--
Jan Kara <jack@suse.cz>
SUSE Labs, CR
prev parent reply other threads:[~2015-05-19 8:36 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1417644091-17334-1-git-send-email-jack@suse.cz>
2015-05-18 19:55 ` [PATCH] fs: Fix S_NOSEC handling Linus Torvalds
2015-05-19 8:36 ` Jan Kara [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20150519083615.GC12901@quack.suse.cz \
--to=jack@suse.cz \
--cc=stable@vger.kernel.org \
--cc=torvalds@linux-foundation.org \
--cc=viro@zeniv.linux.org.uk \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.