From mboxrd@z Thu Jan 1 00:00:00 1970 From: David Laight Subject: RE: [PATCH v4 2/5] fs: Add fchmodat2() Date: Thu, 27 Jul 2023 09:01:06 +0000 Message-ID: References: Mime-Version: 1.0 Content-Transfer-Encoding: 8BIT Return-path: In-Reply-To: Content-Language: en-US List-ID: Content-Type: text/plain; charset="us-ascii" To: 'Aleksa Sarai' , Alexey Gladkov Cc: LKML , Arnd Bergmann , "linux-api@vger.kernel.org" , "linux-fsdevel@vger.kernel.org" , "viro@zeniv.linux.org.uk" , "James.Bottomley@hansenpartnership.com" , "acme@kernel.org" , "alexander.shishkin@linux.intel.com" , "axboe@kernel.dk" , "benh@kernel.crashing.org" , "borntraeger@de.ibm.com" , "bp@alien8.de" , "catalin.marinas@arm.com" , "christian@brauner.io" , "dalias@libc.org" , davem@davemloft.ne From: Aleksa Sarai > Sent: 25 July 2023 17:36 ... > We almost certainly want to support AT_EMPTY_PATH at the same time. > Otherwise userspace will still need to go through /proc when trying to > chmod a file handle they have. That can't be allowed. Just because a process has a file open and write access to the directory that contains it doesn't mean they are allowed to change the file permissions. They also need directory search access from a directory they have open through to the containing directory. David