| To: | Al Viro <viro@xxxxxxxxxxxxxxxxxx> |
|---|---|
| Subject: | [PATCH 0/5] fs: Fixes for removing xid bits and security labels |
| From: | Jan Kara <jack@xxxxxxx> |
| Date: | Thu, 4 Dec 2014 14:27:34 +0100 |
| Cc: | linux-fsdevel@xxxxxxxxxxxxxxx, xfs@xxxxxxxxxxx, linux-security-module@xxxxxxxxxxxxxxx, Jan Kara <jack@xxxxxxx> |
| Delivered-to: | xfs@xxxxxxxxxxx |
Hello,
warning in XFS made me look into detail into how clearing of suid / sgid
bits and security labels is done. And I've spotted a few issues:
1) file_remove_suid() is a misnomer since it also handles removing of
security labels. It is even more confusing because should_remove_suid()
doesn't return whether file_remove_suid() is needed or not.
2) on truncate we do clear suid bits but not security labels. I think that's
a bug but please correct me if I'm wrong.
3) ocfs2 doesn't clear security labels - hard to fix, I left it alone for now.
4) XFS didn't provide proper exclusion for clearing mode bits.
This series aims at fixing above issues. The second patch in the series
is unrelated fix to inode_set_mask() which I spotted when playing with the
code.
Honza
|
| <Prev in Thread] | Current Thread | [Next in Thread> |
|---|---|---|
| ||
| Previous by Date: | [PATCH 1/5] fs: Rename file_remove_suid() to file_remove_privs(), Jan Kara |
|---|---|
| Next by Date: | [PATCH 2/5] fs: Fix WARN_ON in inode_set_mask(), Jan Kara |
| Previous by Thread: | Book Printing Service Inquiry -TYJ Printing, tyjprinting |
| Next by Thread: | [PATCH 4/5] fs: Remove security attributes on truncate, Jan Kara |
| Indexes: | [Date] [Thread] [Top] [All Lists] |