On Donnerstag, 17. Juni 2010 Dave Chinner wrote:
> Hence if we get a cold cache lookup from a stale handle that
> references such an inode, we can read the inode off disk even though
> it has been deleted because we don't check if the inode is allocated
> or not. If the inode chunk has not been overwritten, then the inode
> read will succeed and the handle-to-dentry conversion will not error
> out like it is supposed to. The result is that stale NFS filehandles
> and open_by_handle() will succeed incorrectly on unlinked files for
> cold cache lookups.
Wouldn't that qualify as a security problem and be handled as such?
There should be back ports for "long term support" kernels of security-
sensitive people, and so on.
--
mit freundlichen Grüssen,
Michael Monnerie, Ing. BSc
it-management Internet Services
http://proteger.at [gesprochen: Prot-e-schee]
Tel: 0660 / 415 65 31
// Wir haben im Moment zwei Häuser zu verkaufen:
// http://zmi.at/langegg/
// http://zmi.at/haus2009/
signature.asc
Description: This is a digitally signed message part.
|