Re: [PATCH] mm: add missing mutex lock arround notify_change

From: Ted Ts'o
Date: Tue Dec 20 2011 - 17:46:21 EST

Next message: Vince Weaver: "Re: [RFC 4/5] x86, perf: implements lwp-perf-integration (rc1)"
Previous message: Kay Sievers: "Re: [PATCH-WIP] convert CPU sysdev class to a real subsytem (neededfor CPU modaliases)"
In reply to: Ted Ts'o: "Re: [PATCH] mm: add missing mutex lock arround notify_change"
Next in thread: Dave Chinner: "Re: [PATCH] mm: add missing mutex lock arround notify_change"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]

I just took a closer look, and we don't need to take immediate action;
there is no security issue here were someone could modify a writable
suid file as I had originally feared. It's not as obvious as it could
be because of how the code is broken up, but in mext_check_arguments()
in fs/ext4/move_extent.c, we return with an error if the donor file
has the SUID or SGID bit set, so we'll never actually end up calling
file_remove_suid(). So in fact the right patch is just to remove the
call to file_remove_suid() altogether.

- Ted
--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/

Next message: Vince Weaver: "Re: [RFC 4/5] x86, perf: implements lwp-perf-integration (rc1)"
Previous message: Kay Sievers: "Re: [PATCH-WIP] convert CPU sysdev class to a real subsytem (neededfor CPU modaliases)"
In reply to: Ted Ts'o: "Re: [PATCH] mm: add missing mutex lock arround notify_change"
Next in thread: Dave Chinner: "Re: [PATCH] mm: add missing mutex lock arround notify_change"
Messages sorted by: [ date ] [ thread ] [ subject ] [ author ]