summaryrefslogtreecommitdiffstats
path: root/fs/namespace.c
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2019-12-08 01:59:25 +0100
committerLinus Torvalds <torvalds@linux-foundation.org>2019-12-08 01:59:25 +0100
commit316933cf74b07c6fedcbb0de4564af82f0820a43 (patch)
treee29b35a0275d68b04a638abbcf231cb1e671d2a2 /fs/namespace.c
parentMerge tag 'nfsd-5.5' of git://linux-nfs.org/~bfields/linux (diff)
parentorangefs: posix open permission checking... (diff)
downloadlinux-316933cf74b07c6fedcbb0de4564af82f0820a43.tar.xz
linux-316933cf74b07c6fedcbb0de4564af82f0820a43.zip
Merge tag 'for-linus-5.5-ofs1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux
Pull orangefs update from Mike Marshall: "orangefs: posix open permission checking... Orangefs has no open, and orangefs checks file permissions on each file access. Posix requires that file permissions be checked on open and nowhere else. Orangefs-through-the-kernel needs to seem posix compliant. The VFS opens files, even if the filesystem provides no method. We can see if a file was successfully opened for read and or for write by looking at file->f_mode. When writes are flowing from the page cache, file is no longer available. We can trust the VFS to have checked file->f_mode before writing to the page cache. The mode of a file might change between when it is opened and IO commences, or it might be created with an arbitrary mode. We'll make sure we don't hit EACCES during the IO stage by using UID 0" [ This is "posixish", but not a great solution in the long run, since a proper secure network server shouldn't really trust the client like this. But proper and secure POSIX behavior requires an open method and a resulting cookie for IO of some kind, or similar. - Linus ] * tag 'for-linus-5.5-ofs1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux: orangefs: posix open permission checking...
Diffstat (limited to 'fs/namespace.c')
0 files changed, 0 insertions, 0 deletions