[PATCH] utimes permission check

From: Stephen Rothwell <sfr@canb.auug.org.au>
To: Marcelo Tosatti <marcelo@conectiva.com.br>,
	Linus <torvalds@transmeta.com>
Cc: Trivial Kernel Patches <trivial@rustcorp.com.au>,
	LKML <linux-kernel@vger.kernel.org>
Subject: [PATCH] utimes permission check
Date: Thu, 13 Jun 2002 14:52:47 +1000	[thread overview]
Message-ID: <20020613145247.52b10c61.sfr@canb.auug.org.au> (raw)

Hi Marcelo, Linus,

The utime and utimes should do exactly the smae permission check
according to SUSv3.
	"The effective user ID of the process shall match the owner of the file,
or has write access to the file or appropriate privileges to use this call
in this manner."

utimes when passed a NULL second argument would fail on a read only
file even if the file is owned by the caller.

As a side note, it appears that glibc in i386 turns calls to utimes into
calls to utime (so this bug is not apparent), but on ia64, glibc turns
calls to utime into calls to utimes (so this bug affects utime as well).
In the kernel we have both syscalls except on Alpha and IA64 where we
don't have utime ... I have no idea what it does on other architectures.
-- 
Cheers,
Stephen Rothwell                    sfr@canb.auug.org.au
http://www.canb.auug.org.au/~sfr/

diff -ruN 2.4.19-pre10/fs/open.c 2.4.19-pre10-utimes.1/fs/open.c

--- 2.4.19-pre10/fs/open.c	Tue Jun  4 13:56:22 2002
+++ 2.4.19-pre10-utimes.1/fs/open.c	Thu Jun 13 14:38:35 2002
@@ -325,7 +325,8 @@
 		newattrs.ia_mtime = times[1].tv_sec;
 		newattrs.ia_valid |= ATTR_ATIME_SET | ATTR_MTIME_SET;
 	} else {
-		if ((error = permission(inode,MAY_WRITE)) != 0)
+		if (current->fsuid != inode->i_uid &&
+		    (error = permission(inode,MAY_WRITE)) != 0)
 			goto dput_and_out;
 	}
 	error = notify_change(nd.dentry, &newattrs);
