| dir.c (92a8780e1136c5ca0c7ed940000d399943d1576e) | dir.c (87729a5514e855ce2c71e3e33833a106b8caf2ae) |
|---|---|
| 1/* 2 FUSE: Filesystem in Userspace 3 Copyright (C) 2001-2005 Miklos Szeredi <miklos@szeredi.hu> 4 5 This program can be distributed under the terms of the GNU GPL. 6 See the file COPYING. 7*/ 8 --- 397 unchanged lines hidden (view full) --- 406 fuse_change_attributes(inode, &arg.attr); 407 fi->i_time = time_to_jiffies(arg.attr_valid, 408 arg.attr_valid_nsec); 409 } 410 } 411 return err; 412} 413 | 1/* 2 FUSE: Filesystem in Userspace 3 Copyright (C) 2001-2005 Miklos Szeredi <miklos@szeredi.hu> 4 5 This program can be distributed under the terms of the GNU GPL. 6 See the file COPYING. 7*/ 8 --- 397 unchanged lines hidden (view full) --- 406 fuse_change_attributes(inode, &arg.attr); 407 fi->i_time = time_to_jiffies(arg.attr_valid, 408 arg.attr_valid_nsec); 409 } 410 } 411 return err; 412} 413 |
| 414/* 415 * Calling into a user-controlled filesystem gives the filesystem 416 * daemon ptrace-like capabilities over the requester process. This 417 * means, that the filesystem daemon is able to record the exact 418 * filesystem operations performed, and can also control the behavior 419 * of the requester process in otherwise impossible ways. For example 420 * it can delay the operation for arbitrary length of time allowing 421 * DoS against the requester. 422 * 423 * For this reason only those processes can call into the filesystem, 424 * for which the owner of the mount has ptrace privilege. This 425 * excludes processes started by other users, suid or sgid processes. 426 */ 427static int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task) 428{ 429 if (fc->flags & FUSE_ALLOW_OTHER) 430 return 1; 431 432 if (task->euid == fc->user_id && 433 task->suid == fc->user_id && 434 task->uid == fc->user_id && 435 task->egid == fc->group_id && 436 task->sgid == fc->group_id && 437 task->gid == fc->group_id) 438 return 1; 439 440 return 0; 441} 442 |
|
| 414static int fuse_revalidate(struct dentry *entry) 415{ 416 struct inode *inode = entry->d_inode; 417 struct fuse_inode *fi = get_fuse_inode(inode); 418 struct fuse_conn *fc = get_fuse_conn(inode); 419 | 443static int fuse_revalidate(struct dentry *entry) 444{ 445 struct inode *inode = entry->d_inode; 446 struct fuse_inode *fi = get_fuse_inode(inode); 447 struct fuse_conn *fc = get_fuse_conn(inode); 448 |
| 420 if (get_node_id(inode) == FUSE_ROOT_ID) { 421 if (!(fc->flags & FUSE_ALLOW_OTHER) && 422 current->fsuid != fc->user_id) 423 return -EACCES; 424 } else if (time_before_eq(jiffies, fi->i_time)) | 449 if (!fuse_allow_task(fc, current)) 450 return -EACCES; 451 if (get_node_id(inode) != FUSE_ROOT_ID && 452 time_before_eq(jiffies, fi->i_time)) |
| 425 return 0; 426 427 return fuse_do_getattr(inode); 428} 429 430static int fuse_permission(struct inode *inode, int mask, struct nameidata *nd) 431{ 432 struct fuse_conn *fc = get_fuse_conn(inode); 433 | 453 return 0; 454 455 return fuse_do_getattr(inode); 456} 457 458static int fuse_permission(struct inode *inode, int mask, struct nameidata *nd) 459{ 460 struct fuse_conn *fc = get_fuse_conn(inode); 461 |
| 434 if (!(fc->flags & FUSE_ALLOW_OTHER) && current->fsuid != fc->user_id) | 462 if (!fuse_allow_task(fc, current)) |
| 435 return -EACCES; 436 else if (fc->flags & FUSE_DEFAULT_PERMISSIONS) { 437 int err = generic_permission(inode, mask, NULL); 438 439 /* If permission is denied, try to refresh file 440 attributes. This is also needed, because the root 441 node will at first have no permissions */ 442 if (err == -EACCES) { --- 539 unchanged lines hidden --- | 463 return -EACCES; 464 else if (fc->flags & FUSE_DEFAULT_PERMISSIONS) { 465 int err = generic_permission(inode, mask, NULL); 466 467 /* If permission is denied, try to refresh file 468 attributes. This is also needed, because the root 469 node will at first have no permissions */ 470 if (err == -EACCES) { --- 539 unchanged lines hidden --- |