• Neil Brown's avatar
    [PATCH] kNFSd: Return correct result for ACCESS(READ) on eXecute-only file. · 4fe13364
    Neil Brown authored
    Currently, an NFSv3 ACCESS check for READ permission on an
    eXecute-only file will succeed where it should fail.
    
    This is because nfsd_permission allows READ access to eXecute only
    files so that mode 711 executables can be loaded and run, and
    nfsd_access simply uses nfsd_permission.
    
    This patch changes nfsd_permission to only map eXecute permission to
    read permission of MAY_OWNER_OVERRIDE was set.  This is only set
    when trying to read from a file, so ACCESS will no longer be tricked.
    
    This change will only affect callers of nfsd_permission that specify
    MAY_READ and not MAY_OWNER_OVERRIDE, and nfsd_access is the only
    routine that calls nfsd_permission (via fh_verify) that way.
    4fe13364
vfs.c 37.9 KB