author | Jan Kara <jack@suse.cz> | 2016-10-25 08:44:26 -0500 |
---|---|---|
committer | Jiri Slaby <jslaby@suse.cz> | 2017-01-27 11:15:59 +0100 |
commit | a88a2be387d1d8a5843826e12009c79e32fb46c8 (patch) | |
tree | 604f164ac4e838d4f12bbc299eb4b977c509103a /include | |
parent | 1c4d4c690779ca67b2b8f654a5183fae69eca8d2 (diff) |
posix_acl: Clear SGID bit when setting file permissions
commit 073931017b49d9458aa351605b43a7e34598caef upstream.
When file permissions are modified via chmod(2) and the user is not in
the owning group or capable of CAP_FSETID, the setgid bit is cleared in
inode_change_ok(). Setting a POSIX ACL via setxattr(2) sets the file
permissions as well as the new ACL, but doesn't clear the setgid bit in
a similar way; this allows to bypass the check in chmod(2). Fix that.
Reviewed-by: Christoph Hellwig <hch@lst.de>
Reviewed-by: Jeff Layton <jlayton@redhat.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Andreas Gruenbacher <agruenba@redhat.com>
Signed-off-by: Jiri Slaby <jslaby@suse.cz>
Diffstat (limited to 'include')
-rw-r--r-- | include/linux/posix_acl.h | 1 |
1 files changed, 1 insertions, 0 deletions
diff --git a/include/linux/posix_acl.h b/include/linux/posix_acl.h index 7931efe71175..43cb8d59d0a7 100644 --- a/include/linux/posix_acl.h +++ b/include/linux/posix_acl.h @@ -89,6 +89,7 @@ extern int posix_acl_permission(struct inode *, const struct posix_acl *, int); extern struct posix_acl *posix_acl_from_mode(umode_t, gfp_t); extern int posix_acl_equiv_mode(const struct posix_acl *, umode_t *); extern int posix_acl_create(struct posix_acl **, gfp_t, umode_t *); +extern int posix_acl_update_mode(struct inode *, umode_t *, struct posix_acl **); extern int posix_acl_chmod(struct posix_acl **, gfp_t, umode_t); extern struct posix_acl *get_posix_acl(struct inode *, int); |
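Review bot: The added `posix_acl_update_mode(struct inode *, umode_t *, struct posix_acl **)` declaration is undocumented. Both the `umode_t *` and the `struct posix_acl **` arguments are unnamed pointers, so the header does not say which of them the function writes through or whether the caller's ACL pointer can be changed. Leaving parameters unnamed matches the neighbouring declarations. But this helper carries the setgid clearing described in the commit message, so it should have a short comment above the declaration, or kernel-doc at the definition (not visible in this 'include'-limited view). The comment should say that ACL-setting paths which also change the file mode are expected to go through it, and what it stores via each pointer. That would make it harder for a filesystem's set-ACL implementation to miss the call and leave the chmod(2) check bypassable.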