Google Git
Sign in
kernel / pub / scm / linux / kernel / git / horms / ipvs-next / 0a63dca5ae2f975e08deae7e6c743a477af04367
commit0a63dca5ae2f975e08deae7e6c743a477af04367[log] [tgz]
authorAndreas Gruenbacher <agruen@suse.de>Tue Dec 20 16:29:05 2005 +0100
committerGreg Kroah-Hartman <gregkh@suse.de>Mon Dec 26 16:08:59 2005 -0800
treeea4159295a732a277b99ae4960a1575ef600e6a7
parent841f70676036b309f7102e2c8024dc68c3946990 [diff]
[PATCH] setting ACLs on readonly mounted NFS filesystems (CVE-2005-3623)

We must check for MAY_SATTR before setting acls, which includes
checking for read-only exports: the lower-level setxattr operation
that eventually sets the acl cannot check export-level restrictions.

Bug reported by Martin Walter <mawa@uni-freiburg.de>.

Signed-off-by: Andreas Gruenbacher <agruen@suse.de>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
2 files changed
tree: ea4159295a732a277b99ae4960a1575ef600e6a7
  1. arch/
  2. crypto/
  3. Documentation/
  4. drivers/
  5. fs/
  6. include/
  7. init/
  8. ipc/
  9. kernel/
  10. lib/
  11. mm/
  12. net/
  13. scripts/
  14. security/
  15. sound/
  16. usr/
  17. .gitignore
  18. COPYING
  19. CREDITS
  20. Kbuild
  21. MAINTAINERS
  22. Makefile
  23. README
  24. REPORTING-BUGS