From 0667dfffc7692f60b9953668579918006af6908f Mon Sep 17 00:00:00 2001 From: Li Xi <lixi@ddn.com> Date: Sun, 27 Apr 2014 13:06:43 -0400 Subject: [PATCH] staging/lustre: fix permission problem of setfacl Setxattr does not check the permission when setting ACL xattrs. This will cause security problem because any user can walk around permission checking by changing ACL rules. Signed-off-by: Li Xi <lixi@ddn.com> Reviewed-on: http://review.whamcloud.com/9473 Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4704 Reviewed-by: Andreas Dilger <andreas.dilger@intel.com> Reviewed-by: Bob Glossman <bob.glossman@intel.com> Reviewed-by: John L. Hammond <john.hammond@intel.com> Signed-off-by: Oleg Drokin <oleg.drokin@intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org> --- drivers/staging/lustre/lustre/llite/xattr.c | 5 +++++ 1 file changed, 5 insertions(+) diff --git a/drivers/staging/lustre/lustre/llite/xattr.c b/drivers/staging/lustre/lustre/llite/xattr.c index b1ed4d9ea6be..67a1de41c5b2 100644 --- a/drivers/staging/lustre/lustre/llite/xattr.c +++ b/drivers/staging/lustre/lustre/llite/xattr.c @@ -124,6 +124,11 @@ int ll_setxattr_common(struct inode *inode, const char *name, if (rc) return rc; + if ((xattr_type == XATTR_ACL_ACCESS_T || + xattr_type == XATTR_ACL_DEFAULT_T) && + !inode_owner_or_capable(inode)) + return -EPERM; + /* b10667: ignore lustre special xattr for now */ if ((xattr_type == XATTR_TRUSTED_T && strcmp(name, "trusted.lov") == 0) || (xattr_type == XATTR_LUSTRE_T && strcmp(name, "lustre.lov") == 0)) -- 2.20.1