Re: 2.6.22-rc6(mm1) Unable to handle kernel NULL pointer dereference - git-bisect result

From: Al Viro
Date: Sun Jul 08 2007 - 14:31:32 EST


On Sun, Jul 08, 2007 at 11:24:53AM -0700, Ulrich Drepper wrote:
> Linus Torvalds wrote:
> > notify_change() does *not* do permission checks for
> > ATTR_CTIME/MTIME/ATIME.
>
> Then I don't understand
>
> 	/* Check for setting the inode time. */
> 	if (ia_valid & (ATTR_MTIME_SET | ATTR_ATIME_SET)) {
> 		if (current->fsuid != inode->i_uid && !capable(CAP_FOWNER))
> 			goto error;
> 	}
>
> in inode_change_ok. This seems to me exactly like the check needed.

Sigh... There are two operations.
1) set the timestamp to user-supplied value. Owner-only.
2) have the timestamp set to _now_. Obviously can be done not
only by the owner (think of e.g. write(2)); having write access is
sufficient.

ATTR_MTIME_SET is the former. ATTR_MTIME without ATTR_MTIME_SET is the
latter and that's what utimes(foo, NULL) ends up doing.
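
The two operations described above, as an added example that is not part of the original message and is not kernel code: a simplified userspace model of the permission decision. `struct caller`, `time_change_ok()` and the numeric flag values are assumptions made for the illustration; the errno values follow utimes(2).

```c
#include <errno.h>
#include <stdbool.h>
#include <stdio.h>

/* Flag names are from the thread; the numeric values are constructed here. */
enum {
    ATTR_ATIME     = 1 << 0,
    ATTR_MTIME     = 1 << 1,
    ATTR_ATIME_SET = 1 << 2,
    ATTR_MTIME_SET = 1 << 3,
};

/* Hypothetical description of the calling process, not a kernel structure. */
struct caller {
    unsigned fsuid;
    bool cap_fowner;  /* holds CAP_FOWNER */
    bool may_write;   /* outcome of the ordinary write-permission check */
};

/* Returns 0 if the timestamp change is allowed, otherwise a negative errno. */
int time_change_ok(const struct caller *c, unsigned i_uid, unsigned ia_valid)
{
    bool owner = (c->fsuid == i_uid);

    /* Operation 1: user-supplied value. Owner-only (or CAP_FOWNER),
     * the check quoted from inode_change_ok. */
    if (ia_valid & (ATTR_ATIME_SET | ATTR_MTIME_SET))
        return (owner || c->cap_fowner) ? 0 : -EPERM;

    /* Operation 2: set to "now", e.g. utimes(foo, NULL).
     * Write access is sufficient, as it is for write(2). */
    if (ia_valid & (ATTR_ATIME | ATTR_MTIME))
        return (owner || c->may_write) ? 0 : -EACCES;

    return 0;  /* no timestamp change requested */
}

int main(void)
{
    /* Constructed case: non-owner with write access to a file owned by uid 0. */
    struct caller writer = { .fsuid = 1000, .cap_fowner = false, .may_write = true };

    printf("utimes(foo, NULL):  %d\n",
           time_change_ok(&writer, 0, ATTR_ATIME | ATTR_MTIME));
    printf("utimes(foo, times): %d\n",
           time_change_ok(&writer, 0, ATTR_ATIME | ATTR_MTIME |
                                      ATTR_ATIME_SET | ATTR_MTIME_SET));
    return 0;
}
```
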