Commit fd249821 authored by Marc Dionne's avatar Marc Dionne Committed by Linus Torvalds

afs: Ignore AFS_ACE_READ and AFS_ACE_WRITE for directories

The AFS_ACE_READ and AFS_ACE_WRITE permission bits should not
be used to make access decisions for the directory itself.  They
are meant to control access for the objects contained in that
directory.

Reading a directory is allowed if the AFS_ACE_LOOKUP bit is set.
This would cause an incorrect access denied error for a directory
with AFS_ACE_LOOKUP but not AFS_ACE_READ.

The AFS_ACE_WRITE bit does not allow operations that modify the
directory.  For a directory with AFS_ACE_WRITE but neither
AFS_ACE_INSERT nor AFS_ACE_DELETE, this would result in trying
operations that would ultimately be denied by the server.
Signed-off-by: default avatarMarc Dionne <marc.dionne@auristor.com>
Signed-off-by: default avatarDavid Howells <dhowells@redhat.com>
Signed-off-by: default avatarLinus Torvalds <torvalds@linux-foundation.org>
parent f991af3d
...@@ -327,12 +327,11 @@ int afs_permission(struct inode *inode, int mask) ...@@ -327,12 +327,11 @@ int afs_permission(struct inode *inode, int mask)
if (!(access & AFS_ACE_LOOKUP)) if (!(access & AFS_ACE_LOOKUP))
goto permission_denied; goto permission_denied;
} else if (mask & MAY_READ) { } else if (mask & MAY_READ) {
if (!(access & AFS_ACE_READ)) if (!(access & AFS_ACE_LOOKUP))
goto permission_denied; goto permission_denied;
} else if (mask & MAY_WRITE) { } else if (mask & MAY_WRITE) {
if (!(access & (AFS_ACE_DELETE | /* rmdir, unlink, rename from */ if (!(access & (AFS_ACE_DELETE | /* rmdir, unlink, rename from */
AFS_ACE_INSERT | /* create, mkdir, symlink, rename to */ AFS_ACE_INSERT))) /* create, mkdir, symlink, rename to */
AFS_ACE_WRITE))) /* chmod */
goto permission_denied; goto permission_denied;
} else { } else {
BUG(); BUG();
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment