Thanks for the info. I'm including the upstream git commit id and patch
below just for reference. I was able to reproduce the original bug
reported here against the 2.6.24-16.30 kernel shipped in Hardy final. I
downloaded the 2.6.24-16.30 hardy kernel source and applied the upstream
patch. Although the patch does indeed prevent writes when read only
permissions are specified, further testing shows it will prohibit reads
as well for the user even though read permissions are granted. Also,
with the patch applied, writes were never allowed even when write
permissions are granted. I've attached the output of a small debug
session to show the results. I also tested the upstream 2.6.25 vanilla
kernel to see if there were possibly other patches that would fully
resolve the issue but I found the same results with the upstream vanilla
2.6.25 kernel as with the Ubuntu 2.6.24 kernel + upstream patch.
Szabolcs, just curious if you have done any further testing with the
upstream patch/kernel and if you experience the same results? Thanks.
commit 1a823ac9ff09cbdf39201df37b7ede1f9395de83
Author: Miklos Szeredi <[EMAIL PROTECTED]>
Date: Sat Feb 23 15:23:27 2008 -0800
fuse: fix permission checking
I added a nasty local variable shadowing bug to fuse in 2.6.24, with the
result, that the 'default_permissions' mount option is basically ignored.
How did this happen?
- old err declaration in inner scope
- new err getting declared in outer scope
- 'return err' from inner scope getting removed
- old declaration not being noticed
-Wshadow would have saved us, but it doesn't seem practical for
the kernel :(
More testing would have also saved us :((
Signed-off-by: Miklos Szeredi <[EMAIL PROTECTED]>
Cc: <[EMAIL PROTECTED]>
Signed-off-by: Andrew Morton <[EMAIL PROTECTED]>
Signed-off-by: Linus Torvalds <[EMAIL PROTECTED]>
diff --git a/fs/fuse/dir.c b/fs/fuse/dir.c
index 7fb514b..c4807b3 100644
--- a/fs/fuse/dir.c
+++ b/fs/fuse/dir.c
@@ -906,7 +906,7 @@ static int fuse_permission(struct inode *inode, int mask,
struct nam
}
if (fc->flags & FUSE_DEFAULT_PERMISSIONS) {
- int err = generic_permission(inode, mask, NULL);
+ err = generic_permission(inode, mask, NULL);
/* If permission is denied, try to refresh file
attributes. This is also needed, because the root
** Attachment added: "debug.txt"
http://launchpadlibrarian.net/14074814/debug.txt
--
DAC permissions not correctly enforced
https://bugs.launchpad.net/bugs/190329
You received this bug notification because you are a member of Ubuntu
Bugs, which is subscribed to Ubuntu.
--
ubuntu-bugs mailing list
ubuntu-bugs@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
