To: Keith Owens, tridge@valinux.com
cc: linux-xfs@oss.sgi.com
Subject: Re: umask fix (patch)
Date: Thu, 26 Jul 2001 14:53:24 -0500
From: Steve Lord

> On Wed, 25 Jul 2001 19:24:17 -0700 (PDT),
> Andrew Tridgell wrote:
> >The problem turned out to be in the nfsd code. The following fixes it:
> >
> >--- fs/nfsd/nfssvc.c 2001/05/29 19:53:13 1.13 > >+++ fs/nfsd/nfssvc.c 2001/07/26 02:27:26 
> >@@ -150,6 +150,7 @@ > > MOD_INC_USE_COUNT; > > lock_kernel(); > > daemonize(); > >+ current->fs->umask = 0; > > sprintf(current->comm, "nfsd"); > > current->rlim[RLIMIT_FSIZE].rlim_cur = RLIM_INFINITY;
>
> Kernel threads share the init task fs context. That change makes all
> future kernel threads run with umask 0, a big security exposure. This
> problem was supposed to have been fixed in 2.4.7-pre7.

There is an XFS bug in here, I am not quite sure how to fix it at the
moment though....

Basically the fix which went into 2.4.7-pre7 moved where the process umask
was applied to the creation mask to be outside of vfs_create and vfs_mkdir,
NFS gets to pass in its own mask - presumably passed along from the client
with that umask applied.

The problem is the acl code added in the xfs patch. There is code in the
mainline kernel which skips the umask if the filesystem has acl support
defined in a superblock flag, the filesystem then applies the umask itself
if there is no default acl for that directory.

So this chunk of code in the xfs create path:

fs/xfs/linux/xfs_iops.c

	have_default_acl = _ACL_GET_DEFAULT(dvp, &pdacl);

	if (!have_default_acl) {
		mode &= ~current->fs->umask;
	}

Will be applying the process umask even if we are coming from nfs, negating
the fix in the vfs & nfs code.

So far the only 'workaround' I can come up with is this:

	have_default_acl = _ACL_GET_DEFAULT(dvp, &pdacl);

	if (strcmp(current->comm, "nfsd") && !have_default_acl) {
		mode &= ~current->fs->umask;
	}

I think that would fix it, but I really don't like it.

Steve
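
Review bot: the added `current->fs->umask = 0;` directly after `daemonize()` writes to an fs context that, as the reply quoted in this message points out, kernel threads share with the init task, so the assignment is not scoped to nfsd and leaves every kernel thread started afterwards with umask 0. Drop the assignment and keep the process umask out of the nfsd create path instead, which is the direction of the 2.4.7-pre7 change described in this message (masking moved outside vfs_create and vfs_mkdir, with NFS passing in its own mask). If the line were kept, it would need a comment stating why the umask is cleared and which other threads observe the change.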