I would also like opinions on the correct way to test the execute
bits. (I also think that the 'mode >>= 3' code in fs/namei.c should
be changed.)
Allen
>>>"G. Allen Morris III" said:
> Here is a new patch for fs/nfsd.
>
> This patch fixes four problems:
>
> 1) Groups where not being handles correctly.
>
> 2) Capabilities where not set correctly. (This would let any user
> traverse directories w/o x permission.)
>
> 3) mountd could segfault exp_rootfh().
>
> 4) There was a security problem with sub-mounts that would allow access
> to portions of a filesystem that would not be accessible if sub-mounts
> where not available. This patch will only allow you to make a sub_mount
> for a root_squashed export is at least one of x mode bits is set in each
> directory between that export point and the sub-mount. Interestingly
> both IRIX 5.3 and SunOS 4 nfs servers allow these sub-mounts.
>
> BUGS: 0111 is tested directly against the i_mode.
>
---------------------------------
G. Allen Morris III
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.rutgers.edu
Please read the FAQ at http://www.tux.org/lkml/