David Howells wrote:
> > > I think this is a pretty strong argument. Counter-arguments, anybody?
> >
> > Yes. CAP_DAC_READ_SEARCH.
>
> No, it would seem unlikely it's that, but I guess there's another capability
> override because the process is owned by root.
CAP_DAC_OVERRIDE, I think.
David Howells wrote:
> > I think this is a pretty strong argument. Counter-arguments, anybody?
>
> Yes. CAP_DAC_READ_SEARCH.
No, it would seem unlikely it's that, but I guess there's another capability
override because the process is owned by root.
David
--
To unsubscribe from this list: send
Linus Torvalds wrote:
> I think this is a pretty strong argument. Counter-arguments, anybody?
Yes. CAP_DAC_READ_SEARCH.
David
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majord...@vger.kernel.org
More majordomo info at http://vger.ker
Further:
[root@andromeda ~]# touch /tmp/foo
[root@andromeda ~]# chmod 0444 /tmp/foo
[root@andromeda ~]# ls -l /tmp/foo
-r--r--r--. 1 root root 0 Jan 31 00:17 /tmp/foo
[root@andromeda ~]# echo hello >/tmp/foo
[root@andromeda ~]# ls -l /tmp/foo
Eric W. Biederman wrote:
> These files have been read-only since this code was merged in 2002.
> Over a decade of not being used seems like a strong indication that no
> one cares about the write path.
Actually, things aren't as simple as they seem. Without the patch applied:
[root@and
Pali Rohár writes:
> 2014-01-30 Linus Torvalds :
>> Eric W. Biederman wrote:
>>> These files have been read-only since this code was merged in 2002.
>>> Over a decade of not being used seems like a strong indication that no
>>> one cares about the write path.
>> I think this is a pretty strong
On Thu, Jan 30, 2014 at 02:27:15PM -0800, Linus Torvalds wrote:
> On Thu, Jan 30, 2014 at 2:15 PM, Pali Rohár wrote:
> >
> > In afs documentation is written that you need to write to these files. See:
>
> Well, but the afs documentation is clearly wrong, since the
> "documented" procedure d
On Thu, Jan 30, 2014 at 2:15 PM, Pali Rohár wrote:
>
> In afs documentation is written that you need to write to these files. See:
Well, but the afs documentation is clearly wrong, since the
"documented" procedure doesn't actually *work*.
So I don't think "it's documented" is a very strong argum
2014-01-30 Linus Torvalds :
> On Thu, Jan 30, 2014 at 1:48 PM, Eric W. Biederman
> wrote:
>>
>> These files have been read-only since this code was merged in 2002.
>> Over a decade of not being used seems like a strong indication that no
>> one cares about the write path.
>
> I think this is a pre
On Thu, Jan 30, 2014 at 1:48 PM, Eric W. Biederman
wrote:
>
> These files have been read-only since this code was merged in 2002.
> Over a decade of not being used seems like a strong indication that no
> one cares about the write path.
I think this is a pretty strong argument. Counter-arguments,
David Howells writes:
> From: Pali Rohár
>
> Both proc files are writeable and used for configuring cells. But
> there is missing correct mode flag for writeable files. Without
> this patch both proc files are read only.
Dumb question. Is this worth fixing? Should we perhaps instead remove
th
Al Viro wrote:
> > ... and then making proc_create() only permit regular files (and complain
> > if the S_IFMT field is not zero)?
>
> We already do: in proc_create_data() we have
> struct proc_dir_entry *pde;
> if ((mode & S_IFMT) == 0)
> mode |= S_IFREG;
>
>
On Tue, Jan 28, 2014 at 08:20:12PM +, David Howells wrote:
> Linus Torvalds wrote:
>
> > > - p = proc_create("cells", 0, proc_afs, &afs_proc_cells_fops);
> > > + p = proc_create("cells", S_IFREG | S_IRUGO | S_IWUSR, proc_afs,
> > > &afs_proc_cells_fops);
> > > - p = proc_cr
From: Pali Rohár
Both proc files are writeable and used for configuring cells. But
there is missing correct mode flag for writeable files. Without
this patch both proc files are read only.
Signed-off-by: Pali Rohár
Signed-off-by: David Howells
---
fs/afs/proc.c |4 ++--
1 file changed, 2
Linus Torvalds wrote:
> > - p = proc_create("cells", 0, proc_afs, &afs_proc_cells_fops);
> > + p = proc_create("cells", S_IFREG | S_IRUGO | S_IWUSR, proc_afs,
> > &afs_proc_cells_fops);
> > - p = proc_create("rootcell", 0, proc_afs, &afs_proc_rootcell_fops);
> > + p = pro
On Tue, 2014-01-28 at 13:17 +0100, Geert Uytterhoeven wrote:
> On Tue, Jan 28, 2014 at 1:04 PM, Ingo Molnar wrote:
> > * Geert Uytterhoeven wrote:
> >> On Sun, Jan 26, 2014 at 9:25 PM, Ingo Molnar wrote:
> >> > * Ingo Molnar wrote:
> >> >> * Linus Torvalds wrote:
> >> >> > On Sun, Jan 26, 2014
* Geert Uytterhoeven wrote:
> On Tue, Jan 28, 2014 at 1:04 PM, Ingo Molnar wrote:
> > * Geert Uytterhoeven wrote:
> >> On Sun, Jan 26, 2014 at 9:25 PM, Ingo Molnar wrote:
> >> > * Ingo Molnar wrote:
> >> >> * Linus Torvalds wrote:
> >> >> > On Sun, Jan 26, 2014 at 4:27 AM, David Howells
>
On Tue, Jan 28, 2014 at 1:04 PM, Ingo Molnar wrote:
> * Geert Uytterhoeven wrote:
>> On Sun, Jan 26, 2014 at 9:25 PM, Ingo Molnar wrote:
>> > * Ingo Molnar wrote:
>> >> * Linus Torvalds wrote:
>> >> > On Sun, Jan 26, 2014 at 4:27 AM, David Howells
>> >> > wrote:
>> >> > > - p = proc_cr
* Geert Uytterhoeven wrote:
> On Sun, Jan 26, 2014 at 9:25 PM, Ingo Molnar wrote:
> > * Ingo Molnar wrote:
> >> * Linus Torvalds wrote:
> >> > On Sun, Jan 26, 2014 at 4:27 AM, David Howells
> >> > wrote:
> >> > > - p = proc_create("cells", 0, proc_afs, &afs_proc_cells_fops);
> >> > >
On Sun, Jan 26, 2014 at 9:25 PM, Ingo Molnar wrote:
> * Ingo Molnar wrote:
>> * Linus Torvalds wrote:
>> > On Sun, Jan 26, 2014 at 4:27 AM, David Howells wrote:
>> > > - p = proc_create("cells", 0, proc_afs, &afs_proc_cells_fops);
>> > > + p = proc_create("cells", S_IFREG | S_IRUGO
Ingo wrote:
> Perhaps we could also generate the most common variants as:
>
> #define PERM__rw_r__r__ 0644
You're not alone!
http://lkml.indiana.edu/hypermail/linux/kernel/0607.3/1325.html
But I think 0644 is obvious and the most right way.
Of course, proc should detect those (->write vs ->mode
* Ingo Molnar wrote:
>
> * Linus Torvalds wrote:
>
> > On Sun, Jan 26, 2014 at 4:27 AM, David Howells wrote:
> > >
> > > - p = proc_create("cells", 0, proc_afs, &afs_proc_cells_fops);
> > > + p = proc_create("cells", S_IFREG | S_IRUGO | S_IWUSR, proc_afs,
> > > &afs_proc_cells_f
* Ingo Molnar wrote:
> Perhaps we could also generate the most common variants as:
>
> #define PERM__rw_r__r__ 0644
> #define PERM__r 0400
> #define PERM__r__r__r__ 0444
> #define PERM__r_xr_xr_x 0555
>
> etc.
>
> or something si
* Linus Torvalds wrote:
> On Sun, Jan 26, 2014 at 4:27 AM, David Howells wrote:
> >
> > - p = proc_create("cells", 0, proc_afs, &afs_proc_cells_fops);
> > + p = proc_create("cells", S_IFREG | S_IRUGO | S_IWUSR, proc_afs,
> > &afs_proc_cells_fops);
> > - p = proc_create("rootc
On Sun, Jan 26, 2014 at 4:27 AM, David Howells wrote:
>
> - p = proc_create("cells", 0, proc_afs, &afs_proc_cells_fops);
> + p = proc_create("cells", S_IFREG | S_IRUGO | S_IWUSR, proc_afs,
> &afs_proc_cells_fops);
> - p = proc_create("rootcell", 0, proc_afs, &afs_proc_rootcell_f
From: Pali Rohár
Both proc files are writeable and used for configuring cells. But
there is missing correct mode flag for writeable files. Without
this patch both proc files are read only.
Signed-off-by: Pali Rohár
Signed-off-by: David Howells
---
fs/afs/proc.c |4 ++--
1 file changed, 2
On Tuesday 17 December 2013 19:31:05 David Howells wrote:
> Andrew Morton wrote:
> > David ack?
>
> I've signed it off and added here:
>
> http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs
> .git/commit/?h=afs&id=8de69dbba9012693d4f9e7a7e3c12a0b467f85f3
>
> David
Can you prop
Andrew Morton wrote:
> David ack?
I've signed it off and added here:
http://git.kernel.org/cgit/linux/kernel/git/dhowells/linux-fs.git/commit/?h=afs&id=8de69dbba9012693d4f9e7a7e3c12a0b467f85f3
David
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body
On Monday 16 December 2013 08:00:04 Andrew Morton wrote:
> On Wed, 20 Nov 2013 14:30:55 +0100 Pali Roh__r
wrote:
> > Both proc files are writeable and used for configuring
> > cells. But there is missing correct mode flag for writeable
> > files. Without this patch both proc files are read only.
On Wed, 20 Nov 2013 14:30:55 +0100 Pali Roh__r wrote:
> Both proc files are writeable and used for configuring cells. But
> there is missing correct mode flag for writeable files. Without
> this patch both proc files are read only.
>
> diff --git a/fs/afs/proc.c b/fs/afs/proc.c
> index 526e4bb..
On Wednesday 20 November 2013 14:30:55 Pali Rohár wrote:
> Both proc files are writeable and used for configuring cells.
> But there is missing correct mode flag for writeable files.
> Without this patch both proc files are read only.
>
> diff --git a/fs/afs/proc.c b/fs/afs/proc.c
> index 526e4bb.
Both proc files are writeable and used for configuring cells. But
there is missing correct mode flag for writeable files. Without
this patch both proc files are read only.
diff --git a/fs/afs/proc.c b/fs/afs/proc.c
index 526e4bb..276cb6e 100644
--- a/fs/afs/proc.c
+++ b/fs/afs/proc.c
@@ -147,11 +1
32 matches
Mail list logo
