[PATCH] don't allow utime()/utimes() on immutable/append-only files

From: Ethan Benson (erbenson@alaska.net)
Date: Sun Jun 08 2003 - 01:14:39 EST


Hi,

I recently noticed that utime() and utimes() is allowed on immutable
or append-only files. I believe this should not be permitted.

Attached is a patch which returns -EPERM on attempts to set timestamps
explicitly (utime[s]() with a timebuf arg), and which returns EACCES
when these are called with a NULL time arg for immutable files.

utime/utimes with a NULL time arg is allowed on an append-only file.
Since timestamps are updated when append-only files are written to, it
seems acceptable to allow the timestamp to be updated to the current
time.

I am not subscribed to linux-kernel, so please CC any replies, thanks.

--- linux.orig/fs/open.c Sun Jun 1 20:39:38 2003
+++ linux/fs/open.c Sun Jun 1 20:54:14 2003
@@ -272,6 +272,9 @@
         /* Don't worry, the checks are done in inode_change_ok() */
         newattrs.ia_valid = ATTR_CTIME | ATTR_MTIME | ATTR_ATIME;
         if (times) {
+ error = -EPERM;
+ if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
+ goto dput_and_out;
                 error = get_user(newattrs.ia_atime, &times->actime);
                 if (!error)
                         error = get_user(newattrs.ia_mtime, &times->modtime);
@@ -280,6 +283,9 @@
 
                 newattrs.ia_valid |= ATTR_ATIME_SET | ATTR_MTIME_SET;
         } else {
+ error = -EACCES;
+ if (IS_IMMUTABLE(inode))
+ goto dput_and_out;
                 if (current->fsuid != inode->i_uid &&
                     (error = permission(inode,MAY_WRITE)) != 0)
                         goto dput_and_out;
@@ -318,6 +324,9 @@
         newattrs.ia_valid = ATTR_CTIME | ATTR_MTIME | ATTR_ATIME;
         if (utimes) {
                 struct timeval times[2];
+ error = -EPERM;
+ if (IS_APPEND(inode) || IS_IMMUTABLE(inode))
+ goto dput_and_out;
                 error = -EFAULT;
                 if (copy_from_user(&times, utimes, sizeof(times)))
                         goto dput_and_out;
@@ -325,6 +334,10 @@
                 newattrs.ia_mtime = times[1].tv_sec;
                 newattrs.ia_valid |= ATTR_ATIME_SET | ATTR_MTIME_SET;
         } else {
+ error = -EACCES;
+ if (IS_IMMUTABLE(inode))
+ goto dput_and_out;
+
                 if (current->fsuid != inode->i_uid &&
                     (error = permission(inode,MAY_WRITE)) != 0)
                         goto dput_and_out;

-- 
Ethan Benson
http://www.alaska.net/~erbenson/
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/



This archive was generated by hypermail 2b29 : Sun Jun 15 2003 - 22:00:18 EST