]> git.karo-electronics.de Git - karo-tx-linux.git/commit
projects / karo-tx-linux.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: 841f706) | patch
[PATCH] setting ACLs on readonly mounted NFS filesystems (CVE-2005-3623)
authorAndreas Gruenbacher <agruen@suse.de>
Tue, 20 Dec 2005 15:29:05 +0000 (16:29 +0100)
committerGreg Kroah-Hartman <gregkh@suse.de>
Tue, 27 Dec 2005 00:08:59 +0000 (16:08 -0800)
commit0a63dca5ae2f975e08deae7e6c743a477af04367
treeea4159295a732a277b99ae4960a1575ef600e6a7tree | snapshot
parent841f70676036b309f7102e2c8024dc68c3946990commit | diff
[PATCH] setting ACLs on readonly mounted NFS filesystems (CVE-2005-3623)

We must check for MAY_SATTR before setting acls, which includes
checking for read-only exports: the lower-level setxattr operation
that eventually sets the acl cannot check export-level restrictions.

Bug reported by Martin Walter <mawa@uni-freiburg.de>.

Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
fs/nfsd/nfs2acl.c diff | blob | history
fs/nfsd/nfs3acl.c diff | blob | history
Linux kernel for KaRo TX COM modules