There is what I would consider to be a minor logic error in the handling
of immutable in ext2's code.
Now that setting/removal of immutable/append only is a specific
capability, there is no reason user "fred" shouldn't be given this
capability so he can manage immutable/append only flag on his _own files_.
Unfortunately the current implementation allows processes with
CAP_IMMUTABLE to manipulate these flags on _any_ file.
Patch follows - Alan if you agree with the change in logic please apply to
next -ac patch? It's against ioctl.c in ext2 directory.
Cheers
Chris
--- ioctl.c.old Thu Jul 1 07:38:45 1999
+++ ioctl.c Thu Jul 1 07:40:12 1999
@@ -33,18 +33,17 @@
flags = flags & EXT2_FL_USER_MODIFIABLE;
/*
* The IMMUTABLE and APPEND_ONLY flags can only be changed by
- * the super user when the security level is zero.
+ * a process with the relevent capability.
*/
if ((flags & (EXT2_APPEND_FL | EXT2_IMMUTABLE_FL)) ^
(inode->u.ext2_i.i_flags &
- (EXT2_APPEND_FL | EXT2_IMMUTABLE_FL))) {
+ (EXT2_APPEND_FL | EXT2_IMMUTABLE_FL)))
/* This test looks nicer. Thanks to Pauline Middelink */
if (!capable(CAP_LINUX_IMMUTABLE))
return -EPERM;
- } else
- if ((current->fsuid != inode->i_uid) &&
- !capable(CAP_FOWNER))
- return -EPERM;
+
+ if ((current->fsuid != inode->i_uid) && !capable(CAP_FOWNER))
+ return -EPERM;
if (IS_RDONLY(inode))
return -EROFS;
inode->u.ext2_i.i_flags = (inode->u.ext2_i.i_flags &
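Review bot: dropping the braces around the `capable(CAP_LINUX_IMMUTABLE)` test leaves the outer `if ((flags & (EXT2_APPEND_FL | EXT2_IMMUTABLE_FL)) ^ ...)` with a body that is a single nested `if` sitting behind a comment line; that is valid C but easy to misread and easy to break on the next edit, so keep the braces around the nested test. The added comment also misspells "relevant" as "relevent". The logic itself does what the description says: the `fsuid`/`CAP_FOWNER` test now runs for every flag change, so CAP_LINUX_IMMUTABLE alone no longer lets a process set or clear these bits on a file it does not own.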
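The old and new permission rules side by side, as an added example that is not part of the mail or of the kernel's ioctl.c; the flag bits, capability numbers and the `caps` bitmask are constructed stand-ins, and the check is reduced to the two tests the hunk changes.

```c
#include <errno.h>
#include <stdbool.h>
#include <stdint.h>

/* Constructed stand-ins for the ext2 flag bits and capability numbers
 * used in the patch; the values are illustrative, not the kernel's. */
#define EXT2_IMMUTABLE_FL   0x10u
#define EXT2_APPEND_FL      0x20u
#define CAP_FOWNER          3
#define CAP_LINUX_IMMUTABLE 9

#define GUARDED (EXT2_APPEND_FL | EXT2_IMMUTABLE_FL)

/* caps is a hypothetical bitmask indexed by capability number. */
static bool capable(uint64_t caps, int cap) { return (caps >> cap) & 1u; }

/* Pre-patch rule: a change to the immutable/append bits needs only
 * CAP_LINUX_IMMUTABLE; the owner test runs only for other flag changes. */
int old_check(uint32_t fsuid, uint64_t caps, uint32_t inode_uid,
              uint32_t inode_flags, uint32_t new_flags)
{
    if ((new_flags & GUARDED) ^ (inode_flags & GUARDED)) {
        if (!capable(caps, CAP_LINUX_IMMUTABLE))
            return -EPERM;
    } else if (fsuid != inode_uid && !capable(caps, CAP_FOWNER)) {
        return -EPERM;
    }
    return 0;
}

/* Post-patch rule: the owner test applies to every flag change, so
 * CAP_LINUX_IMMUTABLE alone no longer reaches files the caller does not own. */
int new_check(uint32_t fsuid, uint64_t caps, uint32_t inode_uid,
              uint32_t inode_flags, uint32_t new_flags)
{
    if ((new_flags & GUARDED) ^ (inode_flags & GUARDED)) {
        if (!capable(caps, CAP_LINUX_IMMUTABLE))
            return -EPERM;
    }
    if (fsuid != inode_uid && !capable(caps, CAP_FOWNER))
        return -EPERM;
    return 0;
}
```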