Use access mode instead of open flags to determine needed permissions (CVE-2008-0001) (fb7a7420) · Commits · linux-arm / linux-sh

Commit fb7a7420 authored Jan 15, 2008 by Linus Torvalds Committed by Adrian Bunk Jan 16, 2008

Use access mode instead of open flags to determine needed permissions (CVE-2008-0001)



patch 974a9f0b in mainline

Way back when (in commit 834f2a4a, aka
"VFS: Allow the filesystem to return a full file pointer on open intent"
to be exact), Trond changed the open logic to keep track of the original
flags to a file open, in order to pass down the the intent of a dentry
lookup to the low-level filesystem.

However, when doing that reorganization, it changed the meaning of
namei_flags, and thus inadvertently changed the test of access mode for
directories (and RO filesystem) to use the wrong flag.  So fix those
test back to use access mode ("acc_mode") rather than the open flag
("flag").

Issue noticed by Bill Roman at Datalight.

Reported-and-tested-by: Bill Roman <bill.roman@datalight.com>
Acked-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Acked-by: Al Viro <viro@ZenIV.linux.org.uk>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Adrian Bunk <bunk@kernel.org>

parent 0c0b10ef

Hide whitespace changes

Inline Side-by-side

Please register or to comment