[2/2] posix_acl: Clear SGID bit when modifying file permissions
diff mbox

Message ID 1464274968-31182-2-git-send-email-jack@suse.cz
State New
Headers show

Commit Message

Jan Kara May 26, 2016, 3:02 p.m. UTC
When file permissions are modified via chmod(2) and the user modifying the
permissions is not capable of setting SGID bit for the file, the bit gets
cleared in inode_change_ok(). However this is not the case when file
permissions get modified via setfacl(1). Add clearing of SGID bit to
posix_acl_equiv_mode().

Signed-off-by: Jan Kara <jack@suse.cz>
---
 fs/posix_acl.c | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

Comments

Andreas Gr├╝nbacher May 26, 2016, 9:53 p.m. UTC | #1
Honza,

2016-05-26 17:02 GMT+02:00 Jan Kara <jack@suse.cz>:
> When file permissions are modified via chmod(2) and the user modifying the
> permissions is not capable of setting SGID bit for the file, the bit gets
> cleared in inode_change_ok(). However this is not the case when file
> permissions get modified via setfacl(1).

this looks like a bug we need to fix, but the two patches are horrible.
How about introducing the following helper in fs/posix_acl.c instead?

int posix_acl_update_mode(struct inode *inode, struct posix_acl **acl)
{
       int error;

       error = posix_acl_equiv_mode(*acl, &inode->i_mode);
       if (error < 0)
               return error;
       if (error == 0)
               *acl = NULL;
       if (!in_group_p(inode->i_gid) &&
           !capable_wrt_inode_uidgid(inode, CAP_FSETID))
               inode->i_mode &= ~S_ISGID;
       return 0;
}

Once all filesystems use that, posix_acl_equiv_mode can be made static.

Thanks,
Andreas
--
To unsubscribe from this list: send the line "unsubscribe linux-fsdevel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Patch
diff mbox

diff --git a/fs/posix_acl.c b/fs/posix_acl.c
index 0a7c5119ed8d..d714b9216418 100644
--- a/fs/posix_acl.c
+++ b/fs/posix_acl.c
@@ -311,8 +311,12 @@  posix_acl_equiv_mode(struct inode *inode, const struct posix_acl *acl,
 				return -EINVAL;
 		}
 	}
-        if (mode_p)
+        if (mode_p) {
+		if (!in_group_p(inode->i_gid) &&
+		    !capable_wrt_inode_uidgid(inode, CAP_FSETID))
+			*mode_p &= ~S_ISGID;
                 *mode_p = (*mode_p & ~S_IRWXUGO) | mode;
+	}
         return not_equiv;
 }
 EXPORT_SYMBOL(posix_acl_equiv_mode);