Re: [PATCH v8 3/7] xfs: ioctl check for capabilities in the current user

xfs

Re: [PATCH v8 3/7] xfs: ioctl check for capabilities in the current user

To:	Dwight Engen <dwight.engen@xxxxxxxxxx>
Subject:	Re: [PATCH v8 3/7] xfs: ioctl check for capabilities in the current user namespace
From:	Dave Chinner <david@xxxxxxxxxxxxx>
Date:	Fri, 2 Aug 2013 11:46:59 +1000
Cc:	xfs@xxxxxxxxxxx
Delivered-to:	xfs@xxxxxxxxxxx
In-reply-to:	<20130801113006.13370058@xxxxxxxxxx>
References:	<20130801113006.13370058@xxxxxxxxxx>
User-agent:	Mutt/1.5.21 (2010-09-15)

On Thu, Aug 01, 2013 at 11:30:06AM -0400, Dwight Engen wrote:
> Use inode_capable() to check if SUID|SGID bits should be cleared to match
> similar check in inode_change_ok().
> 
> The check for CAP_LINUX_IMMUTABLE was not modified since all other file
> systems also check against init_user_ns rather than current_user_ns.
> 
> Only allow changing of projid from init_user_ns.
> 
> Signed-off-by: Dwight Engen <dwight.engen@xxxxxxxxxx>

looks good.

Reviewed-by: Dave Chinner <dchinner@xxxxxxxxxx>

-- 
Dave Chinner
david@xxxxxxxxxxxxx

[More with this subject...]

<Prev in Thread]	Current Thread	[Next in Thread>
[PATCH v8 3/7] xfs: ioctl check for capabilities in the current user namespace, Dwight Engen Re: [PATCH v8 3/7] xfs: ioctl check for capabilities in the current user namespace, Dave Chinner <= Re: [PATCH v8 3/7] xfs: ioctl check for capabilities in the current user namespace, Gao feng

Previous by Date:	Re: [PATCH 05/49] xfs: separate dquot on disk format definitions out of xfs_quota.h, Dave Chinner
Next by Date:	Re: [PATCH v8 6/7] xfs: add capability check to free eofblocks ioctl, Dave Chinner
Previous by Thread:	[PATCH v8 3/7] xfs: ioctl check for capabilities in the current user namespace, Dwight Engen
Next by Thread:	Re: [PATCH v8 3/7] xfs: ioctl check for capabilities in the current user namespace, Gao feng
Indexes:	[Date] [Thread] [Top] [All Lists]