From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 66433C04FE0 for ; Fri, 28 Jul 2023 18:42:40 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S232365AbjG1Smi (ORCPT ); Fri, 28 Jul 2023 14:42:38 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:52018 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S231767AbjG1Smg (ORCPT ); Fri, 28 Jul 2023 14:42:36 -0400 Received: from brightrain.aerifal.cx (brightrain.aerifal.cx [216.12.86.13]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0613E46A0 for ; Fri, 28 Jul 2023 11:42:21 -0700 (PDT) Date: Fri, 28 Jul 2023 14:42:12 -0400 From: "dalias@libc.org" To: David Laight Cc: 'Aleksa Sarai' , Alexey Gladkov , LKML , Arnd Bergmann , "linux-api@vger.kernel.org" , "linux-fsdevel@vger.kernel.org" , "viro@zeniv.linux.org.uk" , "James.Bottomley@hansenpartnership.com" , "acme@kernel.org" , "alexander.shishkin@linux.intel.com" , "axboe@kernel.dk" , "benh@kernel.crashing.org" , "borntraeger@de.ibm.com" , "bp@alien8.de" , "catalin.marinas@arm.com" , "christian@brauner.io" , "davem@davemloft.net" , "deepa.kernel@gmail.com" , "deller@gmx.de" , "dhowells@redhat.com" , "fenghua.yu@intel.com" , "fweimer@redhat.com" , "geert@linux-m68k.org" , "glebfm@altlinux.org" , "gor@linux.ibm.com" , "hare@suse.com" , "hpa@zytor.com" , "ink@jurassic.park.msu.ru" , "jhogan@kernel.org" , "kim.phillips@arm.com" , "ldv@altlinux.org" , "linux-alpha@vger.kernel.org" , "linux-arch@vger.kernel.org" , "linux-ia64@vger.kernel.org" , "linux-m68k@lists.linux-m68k.org" , "linux-mips@vger.kernel.org" , "linux-parisc@vger.kernel.org" , "linux-s390@vger.kernel.org" , "linux-sh@vger.kernel.org" , "linux@armlinux.org.uk" , "linuxppc-dev@lists.ozlabs.org" , "luto@kernel.org" , "mattst88@gmail.com" , "mingo@redhat.com" , "monstr@monstr.eu" , "mpe@ellerman.id.au" , "namhyung@kernel.org" , "paulus@samba.org" , "peterz@infradead.org" , "ralf@linux-mips.org" , "sparclinux@vger.kernel.org" , "stefan@agner.ch" , "tglx@linutronix.de" , "tony.luck@intel.com" , "tycho@tycho.ws" , "will@kernel.org" , "x86@kernel.org" , "ysato@users.sourceforge.jp" , Palmer Dabbelt Subject: Re: [PATCH v4 2/5] fs: Add fchmodat2() Message-ID: <20230728184212.GD20050@brightrain.aerifal.cx> References: <20230727.041348-imposing.uptake.velvet.nylon-712tDwzCAbCCoSGx@cyphar.com> <20230727.173441-loving.habit.lame.acrobat-V6VTPe8G4FRI@cyphar.com> MIME-Version: 1.0 Content-Type: text/plain; charset=us-ascii Content-Disposition: inline In-Reply-To: User-Agent: Mutt/1.5.21 (2010-09-15) Precedence: bulk List-ID: X-Mailing-List: linux-mips@vger.kernel.org On Fri, Jul 28, 2023 at 08:43:58AM +0000, David Laight wrote: > .... > > FWIW, I agree with Christian that these behaviours are not ideal (and > > I'm working on a series that might allow for these things to be properly > > blocked in the future) but there's also the consistency argument -- I > > don't think fchownat() is much safer to allow in this way than > > fchmodat() and (again) this behaviour is already possible through > > procfs. > > If the 'through procfs' involves readlink("/proc/self/fd/n") and > accessing through the returned path then the permission checks > are different. > Using the returned path requires search permissions on all the > directories. That's *not* how "through procfs" works. The "magic symlinks" in /proc/*/fd are not actual symlinks that get dereferenced to the contents they readlink() to, but special-type objects that dereference directly to the underlying file associated with the open file description. Rich