From: Brian Foster <bfoster@redhat.com>
To: Ben Myers <bpm@sgi.com>
Cc: xfs@oss.sgi.com
Subject: Re: [PATCH 7/9] xfs: kill suid/sgid through the truncate path.
Date: Thu, 30 May 2013 12:02:40 -0400 [thread overview]
Message-ID: <51A77820.2070804@redhat.com> (raw)
In-Reply-To: <20130530155208.GD20028@sgi.com>
On 05/30/2013 11:52 AM, Ben Myers wrote:
> Hey Brian,
>
> On Thu, May 30, 2013 at 10:17:30AM -0400, Brian Foster wrote:
>> On 05/27/2013 02:38 AM, Dave Chinner wrote:
>>> From: Dave Chinner <dchinner@redhat.com>
>>>
>>> XFS has failed to kill suid/sgid bits correctly when truncating
>>> files of non-zero size since commit c4ed4243 ("xfs: split
>>> xfs_setattr") introduced in the 3.1 kernel. Fix it.
>>>
>>
>> The code makes sense and I can easily hit an assert when truncating
>> (extending) a suid file on a debug kernel without this patch (and I see
>> the suid dropped with the patch).
>
> What commands did you use? It seems like this is dealing with S_ISGID, correct?
>
Hi Ben,
Yeah, that confused me at first as well. I believe the vfs interprets
the ATTR_KILL_SUID/SGIT bits prior to the setattr call and wipes out the
associated mode bits if necessary.
What I did was basically create a zero sized file as root, chmod to a+s
and a+rwx and then as a regular user, truncate that file to something
larger than zero. Without the patch I hit the assert and with the patch
the assert doesn't fire and the setuid bit is dropped.
Brian
> Thanks,
> Ben
>
_______________________________________________
xfs mailing list
xfs@oss.sgi.com
http://oss.sgi.com/mailman/listinfo/xfs
next prev parent reply other threads:[~2013-05-30 16:05 UTC|newest]
Thread overview: 54+ messages / expand[flat|nested] mbox.gz Atom feed top
2013-05-27 6:38 [PATH 0/9] xfs: fixes for 3.10-rc4 Dave Chinner
2013-05-27 6:38 ` [PATCH 1/9] xfs: don't emit v5 superblock warnings on write Dave Chinner
2013-05-29 16:39 ` Brian Foster
2013-05-30 17:49 ` Ben Myers
2013-06-11 6:05 ` Dave Chinner
2013-06-11 21:29 ` Ben Myers
2013-05-27 6:38 ` [PATCH 2/9] xfs: fix incorrect remote symlink block count Dave Chinner
2013-05-29 16:39 ` Brian Foster
2013-05-30 0:46 ` Dave Chinner
2013-05-30 17:49 ` Ben Myers
2013-05-27 6:38 ` [PATCH 3/9] xfs: increase number of ACL entries for V5 superblocks Dave Chinner
2013-05-29 16:40 ` Brian Foster
2013-05-27 6:38 ` [PATCH 4/9] xfs: rework dquot CRCs Dave Chinner
2013-05-29 18:58 ` Brian Foster
2013-05-30 1:00 ` Dave Chinner
2013-05-30 12:02 ` Brian Foster
2013-06-03 4:12 ` Dave Chinner
2013-05-27 6:38 ` [PATCH 5/9] xfs: fix split buffer vector log recovery support Dave Chinner
2013-05-29 19:21 ` Mark Tinguely
2013-05-30 17:49 ` Ben Myers
2013-05-27 6:38 ` [PATCH 6/9] xfs: disable swap extents ioctl on CRC enabled filesystems Dave Chinner
2013-05-28 21:49 ` Ben Myers
2013-05-30 1:07 ` Dave Chinner
2013-05-29 21:06 ` Brian Foster
2013-05-30 17:56 ` Ben Myers
2013-05-27 6:38 ` [PATCH 7/9] xfs: kill suid/sgid through the truncate path Dave Chinner
2013-05-30 14:17 ` Brian Foster
2013-05-30 15:52 ` Ben Myers
2013-05-30 16:02 ` Brian Foster [this message]
2013-05-30 17:07 ` Ben Myers
2013-05-27 6:38 ` [PATCH 8/9] xfs: add fsgeom flag for v5 superblock support Dave Chinner
2013-05-29 15:10 ` Eric Sandeen
2013-05-29 21:43 ` Ben Myers
2013-05-29 21:47 ` Ben Myers
2013-05-30 1:28 ` Dave Chinner
2013-05-30 1:11 ` Dave Chinner
2013-05-30 14:17 ` Brian Foster
2013-05-30 17:57 ` Ben Myers
2013-05-27 6:38 ` [PATCH 9/9] xfs: inode unlinked list needs to recalculate the inode CRC Dave Chinner
2013-05-28 11:51 ` Dave Chinner
2013-05-28 20:36 ` [PATCH 9a,9b v2, replacements] xfs: unlinked list crcs Dave Chinner
2013-05-28 20:36 ` [PATCH 1/2] xfs: fix log recovery transaction item reordering Dave Chinner
2013-05-28 20:36 ` [PATCH 2/2] xfs: inode unlinked list needs to recalculate the inode CRC Dave Chinner
2013-05-30 14:17 ` Brian Foster
2013-05-30 20:27 ` Dave Chinner
2013-05-28 8:37 ` [PATCH 10/9] xfs: fix dir3 freespace block corruption Dave Chinner
2013-05-30 19:15 ` Ben Myers
2013-05-31 21:54 ` Ben Myers
2013-05-28 17:56 ` [PATH 0/9] xfs: fixes for 3.10-rc4 Ben Myers
2013-05-28 23:54 ` Dave Chinner
2013-05-29 19:01 ` Ben Myers
2013-05-29 19:27 ` Eric Sandeen
2013-05-29 19:45 ` Ben Myers
2013-05-28 21:27 ` [PATCH 11/9] xfs: fix remote attribute invalidation for a leaf Dave Chinner
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=51A77820.2070804@redhat.com \
--to=bfoster@redhat.com \
--cc=bpm@sgi.com \
--cc=xfs@oss.sgi.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.