From: Dan Carpenter <dan.carpenter@oracle.com>
To: "Darrick J. Wong" <darrick.wong@oracle.com>
Cc: TongZhang <ztong@vt.edu>,
linux-xfs@vger.kernel.org,
"security@kernel.org>" <security@kernel.org>,
wenbo.s@samsung.com, ahmedmoneeb@gmail.com
Subject: Re: Missing security_inode_readlink() in xfs_file_ioctl()
Date: Fri, 10 Aug 2018 22:02:17 +0300 [thread overview]
Message-ID: <20180810190217.uhiyp4totxrem5lw@mwanda> (raw)
In-Reply-To: <20180810160931.GF12194@magnolia>
On Fri, Aug 10, 2018 at 09:09:31AM -0700, Darrick J. Wong wrote:
> On Fri, Aug 10, 2018 at 12:22:29PM +0300, Dan Carpenter wrote:
> > Hi XFS devs,
> >
> > We received this email on security@kernel.org. This is under
> > CAP_SYS_ADMIN, but it maybe should also check with selinux?
>
> Hmm, so the point of adding a security_inode_readlink call would be to
> restrict userland access xfs_readlink_by_handle further in case the
> system has a policy whereby even possessing CAP_SYS_ADMIN is not by
> itself sufficient to be able to read a symlink?
>
> IOWs, are there security policies where CAP_SYS_ADMIN isn't a "get
> access to everything" wildcard? I imagine the answer is "yes" and
> therefore xfs needs the call, but I thought I'd ask first.
>
Yeah... Forget about it. I pushed this out to you without really
thinking about it, just to get it off my todo list and that wasn't the
right thing.
regards,
dan carpenter
next prev parent reply other threads:[~2018-08-10 21:33 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <41DC519D-83A7-4964-A6C8-B16CFEEDB65F@vt.edu>
2018-08-10 9:22 ` Missing security_inode_readlink() in xfs_file_ioctl() Dan Carpenter
2018-08-10 16:09 ` Darrick J. Wong
2018-08-10 16:34 ` Linus Torvalds
2018-08-10 19:02 ` Dan Carpenter [this message]
2018-08-13 7:35 ` Carlos Maiolino
2018-08-13 8:30 ` Dan Carpenter
2018-08-13 22:22 ` Dave Chinner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20180810190217.uhiyp4totxrem5lw@mwanda \
--to=dan.carpenter@oracle.com \
--cc=ahmedmoneeb@gmail.com \
--cc=darrick.wong@oracle.com \
--cc=linux-xfs@vger.kernel.org \
--cc=security@kernel.org \
--cc=wenbo.s@samsung.com \
--cc=ztong@vt.edu \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).