[PATCH 7/9] xfs: kill suid/sgid through the truncate path.
Brian Foster
bfoster at redhat.com
Thu May 30 11:02:40 CDT 2013
On 05/30/2013 11:52 AM, Ben Myers wrote:
> Hey Brian,
>
> On Thu, May 30, 2013 at 10:17:30AM -0400, Brian Foster wrote:
>> On 05/27/2013 02:38 AM, Dave Chinner wrote:
>>> From: Dave Chinner <dchinner at redhat.com>
>>>
>>> XFS has failed to kill suid/sgid bits correctly when truncating
>>> files of non-zero size since commit c4ed4243 ("xfs: split
>>> xfs_setattr") introduced in the 3.1 kernel. Fix it.
>>>
>>
>> The code makes sense and I can easily hit an assert when truncating
>> (extending) a suid file on a debug kernel without this patch (and I see
>> the suid dropped with the patch).
>
> What commands did you use? It seems like this is dealing with S_ISGID, correct?
>
Hi Ben,
Yeah, that confused me at first as well. I believe the vfs interprets
the ATTR_KILL_SUID/SGIT bits prior to the setattr call and wipes out the
associated mode bits if necessary.
What I did was basically create a zero sized file as root, chmod to a+s
and a+rwx and then as a regular user, truncate that file to something
larger than zero. Without the patch I hit the assert and with the patch
the assert doesn't fire and the setuid bit is dropped.
Brian
> Thanks,
> Ben
>
More information about the xfs
mailing list