From: Nikhilesh Reddy <reddyn-sgV2jX0FEOL9JmXXK+q4OQ@public.gmane.org>
To: Jann Horn <jann-XZ1E9jl8jIdeoWH0uzbU5w@public.gmane.org>
Cc: torvalds-de/tnXTf+JLsfHDXvbKv3WD2FQJk+8+b@public.gmane.org,
Miklos Szeredi <miklos-sUDqSbJrdHQHWmgEVkV9KA@public.gmane.org>,
fuse-devel
<fuse-devel-5NWGOfrQmneRv+LV9MX5uipxlwaOVQ5f@public.gmane.org>,
linux-kernel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
linux-api-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
gregkh-hQyY1W1yCW8ekmWlsbkhG0B+6BGkLq7r@public.gmane.org,
linux-fsdevel-u79uwXL29TY76Z2rM5mHXA@public.gmane.org,
viro-RmSDqhL/yNMiFSDQTTA3OLVCufUGDwFn@public.gmane.org,
Richard Weinberger <richard-/L3Ra7n9ekc@public.gmane.org>,
Theodore Ts'o <tytso-3s7WtUTddSA@public.gmane.org>,
jack-AlSwsSmVLrQ@public.gmane.org,
Antonio SJ Musumeci
<trapexit-wGTF+nt6ur047o9RxwvyTQ@public.gmane.org>,
sven.utcke-Mmb7MZpHnFY@public.gmane.org,
Nikolaus Rath <nikolaus-BTH8mxji4b0@public.gmane.org>,
Jann Horn <jannhorn-gM/Ye1E23mwN+BqQ9rBEUg@public.gmane.org>,
Mike Shal <marfey-Re5JQEeQqe8AvxtiuMwx3w@public.gmane.org>
Subject: Re: [PATCH v5] fuse: Add support for passthrough read/write
Date: Wed, 03 Feb 2016 11:05:57 -0800
Message-ID: <56B24F95.9040702@codeaurora.org>
In-Reply-To: <20160202081035.GA18246-J1fxOzX/cBvk1uMJSBkQmQ@public.gmane.org>
Hi
Thanks for your review again :)
>
> Uh... how do you know at this point that the file is actually writable?
> Normally, e.g. vfs_write() will ensure that the file is writable, and
> e.g. generic_file_write_iter() won't check for writability as far as I
> can tell. This might allow someone to use the passthrough mechanism to
> overwrite a file he is only allowed to read, but not write, like
> /etc/passwd.
I considered adding the checks (the same ones that VFS does) but am not
sure if we need to.
So the user will need to construct a fuse filesystem (that opens for
O_READONLY even though the user asks for an O_RDWR from the FUSE open)
and then mount it, with CAP_SYS_ADMIN, for which you need to be root,
but once he has that he should be able to easily get to the files
without needing to go through FUSE, right, using CAP_DAC_OVERRIDE?
Am I missing something? Please do help me understand.
But yes, if really needed I can add additional checks once I understand it.
>
> Also, I think this might bypass mandatory locks, the
> security_file_permission hook (which seems like a bad idea anyway
> though), inotify/fsnotify and sb_start_write.
>
Can you please elaborate/clarify further? I am not sure what you mean.
Again thanks for your reviews :)
Appreciate your help
--
Thanks
Nikhilesh Reddy
Qualcomm Innovation Center, Inc.
The Qualcomm Innovation Center, Inc. is a member of the Code Aurora Forum,
a Linux Foundation Collaborative Project.
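
Added example, not part of the original message or of the patch under review: a userspace C sketch of the mismatch discussed above, where the lower file is open read-only while the FUSE client asked for O_RDWR. It shows that an ordinary write() through a read-only descriptor is refused with EBADF, and a mode comparison a daemon could make before enabling passthrough; `lower_fd_covers`, `open_temp` and `write_errno` are hypothetical names and the temp file is constructed.

```c
#define _POSIX_C_SOURCE 200809L
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <unistd.h>

/* Hypothetical helper: does the access mode of the already-open lower fd
 * cover the access mode the FUSE client requested in its open()? */
int lower_fd_covers(int lower_fd, int requested_flags)
{
    int fl = fcntl(lower_fd, F_GETFL);
    if (fl < 0)
        return 0;                       /* invalid fd: refuse */
    int have = fl & O_ACCMODE;
    int want = requested_flags & O_ACCMODE;
    return have == O_RDWR || have == want;
}

/* Open a fresh temp file (constructed sample) with the given access mode. */
int open_temp(int flags)
{
    char path[] = "/tmp/ptdemoXXXXXX";
    int tmp = mkstemp(path);
    if (tmp < 0)
        return -1;
    close(tmp);
    int fd = open(path, flags);
    unlink(path);                       /* fd stays valid after unlink */
    return fd;
}

/* errno from a 1-byte write(), or 0 if the write succeeded. */
int write_errno(int fd)
{
    return write(fd, "x", 1) < 0 ? errno : 0;
}

int main(void)
{
    int ro = open_temp(O_RDONLY);
    if (ro < 0)
        return 1;
    printf("lower O_RDONLY, client O_RDWR:   covers=%d\n", lower_fd_covers(ro, O_RDWR));
    printf("lower O_RDONLY, client O_RDONLY: covers=%d\n", lower_fd_covers(ro, O_RDONLY));
    printf("write() via lower fd: %s\n", write_errno(ro) == EBADF ? "EBADF" : "allowed");
    close(ro);
    return 0;
}
```

The EBADF result depends only on the mode the descriptor was opened with, not on the caller's capabilities.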