| To: | Dwight Engen <dwight.engen@xxxxxxxxxx> |
|---|---|
| Subject: | Re: [PATCH v7 6/7] xfs: add capable check to free eofblocks ioctl |
| From: | Gao feng <gaofeng@xxxxxxxxxxxxxx> |
| Date: | Wed, 31 Jul 2013 15:14:12 +0800 |
| Cc: | xfs@xxxxxxxxxxx |
| Delivered-to: | xfs@xxxxxxxxxxx |
| In-reply-to: | <20130729230705.128e4509@xxxxxxxxxx> |
| References: | <20130729230705.128e4509@xxxxxxxxxx> |
| User-agent: | Mozilla/5.0 (X11; Linux x86_64; rv:17.0) Gecko/20130625 Thunderbird/17.0.7 |
On 07/30/2013 11:07 AM, Dwight Engen wrote: > Check for CAP_SYS_ADMIN since the caller can truncate preallocated > blocks from files they do not own nor have write access to. A more > fine grained access check was considered: require the caller to > specify their own uid/gid and to use inode_permission to check for > write, but this would not catch the case of an inode not reachable > via path traversal from the callers mount namespace. > > Add check for read-only filesystem to free eofblocks ioctl. > > Signed-off-by: Dwight Engen <dwight.engen@xxxxxxxxxx> > --- Reviewed-by: Gao feng <gaofeng@xxxxxxxxxxxxxx> |
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | Re: [PATCH v7 5/7] xfs: create internal eofblocks structure with kuid_t types, Gao feng |
|---|---|
| Next by Date: | Re: [PATCH v7 7/7] enable building user namespace with xfs, Gao feng |
| Previous by Thread: | Re: [PATCH v7 6/7] xfs: add capable check to free eofblocks ioctl, Dave Chinner |
| Next by Thread: | [PATCH v7 7/7] enable building user namespace with xfs, Dwight Engen |
| Indexes: | [Date] [Thread] [Top] [All Lists] |