Commit 0667dfff authored by Li Xi's avatar Li Xi Committed by Greg Kroah-Hartman

staging/lustre: fix permission problem of setfacl

Setxattr does not check the permission when setting ACL xattrs. This
will cause security problem because any user can walk around
permission checking by changing ACL rules.
Signed-off-by: default avatarLi Xi <lixi@ddn.com>
Reviewed-on: http://review.whamcloud.com/9473
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4704Reviewed-by: default avatarAndreas Dilger <andreas.dilger@intel.com>
Reviewed-by: default avatarBob Glossman <bob.glossman@intel.com>
Reviewed-by: default avatarJohn L. Hammond <john.hammond@intel.com>
Signed-off-by: default avatarOleg Drokin <oleg.drokin@intel.com>
Signed-off-by: default avatarGreg Kroah-Hartman <gregkh@linuxfoundation.org>
parent e55c4476
...@@ -124,6 +124,11 @@ int ll_setxattr_common(struct inode *inode, const char *name, ...@@ -124,6 +124,11 @@ int ll_setxattr_common(struct inode *inode, const char *name,
if (rc) if (rc)
return rc; return rc;
if ((xattr_type == XATTR_ACL_ACCESS_T ||
xattr_type == XATTR_ACL_DEFAULT_T) &&
!inode_owner_or_capable(inode))
return -EPERM;
/* b10667: ignore lustre special xattr for now */ /* b10667: ignore lustre special xattr for now */
if ((xattr_type == XATTR_TRUSTED_T && strcmp(name, "trusted.lov") == 0) || if ((xattr_type == XATTR_TRUSTED_T && strcmp(name, "trusted.lov") == 0) ||
(xattr_type == XATTR_LUSTRE_T && strcmp(name, "lustre.lov") == 0)) (xattr_type == XATTR_LUSTRE_T && strcmp(name, "lustre.lov") == 0))
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment