[PATCH] FUSE - don't check against zero fsuid

From: Miklos Szeredi
Date: Fri Jan 14 2005 - 07:52:31 EST

Next message: Miklos Szeredi: "[PATCH] FUSE - remove mount_max and user_allow_other module parameters"
Previous message: Miklos Szeredi: "[PATCH] FUSE - fix variable with confusing name"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

Andrew,

This patch replaces check for zero fsuid with a capability check.

Signed-off-by: Miklos Szeredi <miklos@xxxxxxxxxx>
diff -rup linux-2.6.11-rc1-mm1/fs/fuse/dir.c linux-2.6.11-rc1-mm1-fuse/fs/fuse/dir.c
--- linux-2.6.11-rc1-mm1/fs/fuse/dir.c 2005-01-14 12:30:07.000000000 +0100
+++ linux-2.6.11-rc1-mm1-fuse/fs/fuse/dir.c 2005-01-14 12:44:36.000000000 +0100
@@ -422,7 +422,7 @@ static int fuse_revalidate(struct dentry
if (!(fc->flags & FUSE_ALLOW_OTHER) &&
current->fsuid != fc->user_id &&
(!(fc->flags & FUSE_ALLOW_ROOT) ||
- current->fsuid != 0))
+ !capable(CAP_DAC_OVERRIDE)))
return -EACCES;
} else if (time_before_eq(jiffies, fi->i_time))
return 0;
@@ -435,7 +435,7 @@ static int fuse_permission(struct inode
struct fuse_conn *fc = get_fuse_conn(inode);

if (!(fc->flags & FUSE_ALLOW_OTHER) && current->fsuid != fc->user_id &&
- (!(fc->flags & FUSE_ALLOW_ROOT) || current->fsuid != 0))
+ (!(fc->flags & FUSE_ALLOW_ROOT) || !capable(CAP_DAC_OVERRIDE)))
return -EACCES;
else if (fc->flags & FUSE_DEFAULT_PERMISSIONS) {
int err = generic_permission(inode, mask, NULL);
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Miklos Szeredi: "[PATCH] FUSE - remove mount_max and user_allow_other module parameters"
Previous message: Miklos Szeredi: "[PATCH] FUSE - fix variable with confusing name"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]