* [PATCH 0/1] OverlayFS: Fix checking permissions during lookup.
@ 2016-01-25 16:10 Ignacy Gawędzki
0 siblings, 0 replies; only message in thread
From: Ignacy Gawędzki @ 2016-01-25 16:10 UTC (permalink / raw)
To: linux-kernel
Hi,
While trying to figure out what exactly is going on with permission
checking in OverlayFS, I found a pretty simple way to, so it seems,
fix it.
The problem I was having is triggered with the following setup:
drwxr-xr-x lower/
drwx------ lower/foo/
drw-r--r-- lower/boo/bar
drwxr-xr-x upper/
drwxr-xr-x upper/foo/
mounted with lower/ as the lowerdir and upper/ as the upperdir.
The issue is that when caches are empty, any user who is not the
owner of lower/foo/ and who tries to access foo/bar on the mounted
overlay gets EACCES. Once the owner accesses foo/bar, that positive
result it cached and other users can access foo/bar as expected.
It would be nice if someone could take a look at the patch that
follows and give me some feedback. The fix is simple, but a bit
intrusive and I wonder whether this is necessarily the way to go.
Cheers,
Ignacy
Ignacy Gawędzki (1):
OverlayFS: Fix checking permissions during lookup.
fs/namei.c | 21 ++++++++++++++++++++-
fs/overlayfs/super.c | 2 +-
include/linux/namei.h | 1 +
3 files changed, 22 insertions(+), 2 deletions(-)
--
2.5.0
^ permalink raw reply [flat|nested] only message in thread
only message in thread, other threads:[~2016-01-25 16:39 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2016-01-25 16:10 [PATCH 0/1] OverlayFS: Fix checking permissions during lookup Ignacy Gawędzki
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).