* [PATCH] FUSE: remove allow_root mount option
@ 2005-04-24 15:09 Miklos Szeredi
0 siblings, 0 replies; only message in thread
From: Miklos Szeredi @ 2005-04-24 15:09 UTC (permalink / raw)
To: akpm; +Cc: linux-kernel
This patch removes the "allow_root" mount option, since it can be done
in userspace. Based on Jamie Lokier's idea.
Signed-off-by: Miklos Szeredi <miklos@szeredi.hu>
diff -rup linux-2.6.12-rc2-mm3/fs/fuse/dir.c linux-fuse/fs/fuse/dir.c
--- linux-2.6.12-rc2-mm3/fs/fuse/dir.c 2005-04-22 15:37:21.000000000 +0200
+++ linux-fuse/fs/fuse/dir.c 2005-04-22 15:38:04.000000000 +0200
@@ -420,9 +420,7 @@ static int fuse_revalidate(struct dentry
if (get_node_id(inode) == FUSE_ROOT_ID) {
if (!(fc->flags & FUSE_ALLOW_OTHER) &&
- current->fsuid != fc->user_id &&
- (!(fc->flags & FUSE_ALLOW_ROOT) ||
- !capable(CAP_DAC_OVERRIDE)))
+ current->fsuid != fc->user_id)
return -EACCES;
} else if (time_before_eq(jiffies, fi->i_time))
return 0;
@@ -434,8 +432,7 @@ static int fuse_permission(struct inode
{
struct fuse_conn *fc = get_fuse_conn(inode);
- if (!(fc->flags & FUSE_ALLOW_OTHER) && current->fsuid != fc->user_id &&
- (!(fc->flags & FUSE_ALLOW_ROOT) || !capable(CAP_DAC_OVERRIDE)))
+ if (!(fc->flags & FUSE_ALLOW_OTHER) && current->fsuid != fc->user_id)
return -EACCES;
else if (fc->flags & FUSE_DEFAULT_PERMISSIONS) {
int err = generic_permission(inode, mask, NULL);
diff -rup linux-2.6.12-rc2-mm3/fs/fuse/fuse_i.h linux-fuse/fs/fuse/fuse_i.h
--- linux-2.6.12-rc2-mm3/fs/fuse/fuse_i.h 2005-04-22 15:37:21.000000000 +0200
+++ linux-fuse/fs/fuse/fuse_i.h 2005-04-22 15:38:04.000000000 +0200
@@ -37,10 +37,6 @@
/** Bypass the page cache for read and write operations */
#define FUSE_DIRECT_IO (1 << 3)
-/** Allow root and setuid-root programs to access fuse-mounted
- filesystems */
-#define FUSE_ALLOW_ROOT (1 << 4)
-
/** FUSE inode */
struct fuse_inode {
/** Inode data */
diff -rup linux-2.6.12-rc2-mm3/fs/fuse/inode.c linux-fuse/fs/fuse/inode.c
--- linux-2.6.12-rc2-mm3/fs/fuse/inode.c 2005-04-22 15:37:21.000000000 +0200
+++ linux-fuse/fs/fuse/inode.c 2005-04-22 15:38:04.000000000 +0200
@@ -248,7 +247,6 @@ enum {
OPT_USER_ID,
OPT_DEFAULT_PERMISSIONS,
OPT_ALLOW_OTHER,
- OPT_ALLOW_ROOT,
OPT_KERNEL_CACHE,
OPT_DIRECT_IO,
OPT_MAX_READ,
@@ -261,7 +259,6 @@ static match_table_t tokens = {
{OPT_USER_ID, "user_id=%u"},
{OPT_DEFAULT_PERMISSIONS, "default_permissions"},
{OPT_ALLOW_OTHER, "allow_other"},
- {OPT_ALLOW_ROOT, "allow_root"},
{OPT_KERNEL_CACHE, "kernel_cache"},
{OPT_DIRECT_IO, "direct_io"},
{OPT_MAX_READ, "max_read=%u"},
@@ -310,10 +307,6 @@ static int parse_fuse_opt(char *opt, str
d->flags |= FUSE_ALLOW_OTHER;
break;
- case OPT_ALLOW_ROOT:
- d->flags |= FUSE_ALLOW_ROOT;
- break;
-
case OPT_KERNEL_CACHE:
d->flags |= FUSE_KERNEL_CACHE;
break;
@@ -347,8 +340,6 @@ static int fuse_show_options(struct seq_
seq_puts(m, ",default_permissions");
if (fc->flags & FUSE_ALLOW_OTHER)
seq_puts(m, ",allow_other");
- if (fc->flags & FUSE_ALLOW_ROOT)
- seq_puts(m, ",allow_root");
if (fc->flags & FUSE_KERNEL_CACHE)
seq_puts(m, ",kernel_cache");
if (fc->flags & FUSE_DIRECT_IO)
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2005-04-24 15:11 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2005-04-24 15:09 [PATCH] FUSE: remove allow_root mount option Miklos Szeredi
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.