Please try this small patch. It should fix the problem. Thanks, Erez.
Unionfs: prevent a privilege escalation during first copyup Signed-off-by: Erez Zadok <[EMAIL PROTECTED]> diff --git a/fs/unionfs/inode.c b/fs/unionfs/inode.c index 0bd9fab..ce87887 100644 --- a/fs/unionfs/inode.c +++ b/fs/unionfs/inode.c @@ -795,10 +795,11 @@ static int unionfs_permission(struct inode *inode, int mask) * We check basic permissions, but we ignore any conditions * such as readonly file systems or branches marked as * readonly, because those conditions should lead to a - * copyup taking place later on. + * copyup taking place later on. However, if user never had + * access to the file, then no copyup could ever take place. */ err = inode_permission(lower_inode, mask); - if (err && bindex > 0) { + if (err && err != -EACCES && bindex > 0) { umode_t mode = lower_inode->i_mode; if (is_robranch_super(inode->i_sb, bindex) && (S_ISREG(mode) || S_ISDIR(mode) || S_ISLNK(mode))) _______________________________________________ unionfs mailing list: http://unionfs.filesystems.org/ unionfs@mail.fsl.cs.sunysb.edu http://www.fsl.cs.sunysb.edu/mailman/listinfo/unionfs
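Review bot: In the changed condition `if (err && err != -EACCES && bindex > 0)`, only -EACCES is excluded, so any other error that inode_permission() returns for the lower inode still enters the is_robranch_super() path. The comment above the call says the conditions meant to be ignored are read-only file systems or branches marked as readonly, so consider testing for those specifically (for example `err == -EROFS`, assuming that is the code reported for them) rather than excluding a single denial code, so that a denial reported with a different errno is not treated as a copyup candidate. The commit message would also benefit from a sentence stating which access was wrongly allowed before the first copyup.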