Re: [PATCH 2.6.5-mm4] sys_access race fix

From: Chris Wright
Date: Tue Apr 13 2004 - 18:12:46 EST

Next message: Pat LaVarre: "Re: Iomega REV driver"
Previous message: George Anzinger: "Re: /proc or ps tools bug? 2.6.3, time is off"
In reply to: Fabian Frederick: "Re: [PATCH 2.6.5-mm4] sys_access race fix"
Next in thread: Andrew Morton: "Re: [PATCH 2.6.5-mm4] sys_access race fix"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

* Fabian Frederick (Fabian.Frederick@xxxxxxxxx) wrote:
> Well, the only major function behind user_walk is path_lookup.
> This one has some calls with the nameidata.Other process seems
> current->fs->xxx relevant read-only.Maybe you mean the
> read_lock(&current->fs->lock) which could bring a deadlock as we
> task->lock before ?

No, point is simply that there's implicit permission check in
__user_walk().

> If user_walk had to run in ruid, why would we have permission() then ?

It's how the standards require the call to be implemented. The
access(2) check verifies access to the pathname using the ruid not euid.
Part of valid access includes search access on the directory elements of
the full pathname. Those tests are done during __user_walk.

thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Pat LaVarre: "Re: Iomega REV driver"
Previous message: George Anzinger: "Re: /proc or ps tools bug? 2.6.3, time is off"
In reply to: Fabian Frederick: "Re: [PATCH 2.6.5-mm4] sys_access race fix"
Next in thread: Andrew Morton: "Re: [PATCH 2.6.5-mm4] sys_access race fix"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]