]> git.baikalelectronics.ru Git - kernel.git/commit
[PATCH] FUSE: tighten check for processes allowed access
authorMiklos Szeredi <miklos@szeredi.hu>
Fri, 9 Sep 2005 20:10:34 +0000 (13:10 -0700)
committerLinus Torvalds <torvalds@g5.osdl.org>
Fri, 9 Sep 2005 21:03:46 +0000 (14:03 -0700)
commit5508ac7f99ae6855e33c41e5aca5813969fdb13f
treedd2e7a9fd96b2dd3ebc3951fef2d682e83aa6bb4
parent2a37be84d5d26ecbea5c8f94641f20693a8aae00
[PATCH] FUSE: tighten check for processes allowed access

This patch tightens the check for allowing processes to access non-privileged
mounts.  The rational is that the filesystem implementation can control the
behavior or get otherwise unavailable information of the filesystem user.  If
the filesystem user process has the same uid, gid, and is not suid or sgid
application, then access is safe.  Otherwise access is not allowed unless the
"allow_other" mount option is given (for which policy is controlled by the
userspace mount utility).

Thanks to everyone linux-fsdevel, especially Martin Mares who helped uncover
problems with the previous approach.

Signed-off-by: Miklos Szeredi <miklos@szeredi.hu>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
fs/fuse/dir.c
fs/fuse/fuse_i.h
fs/fuse/inode.c