diff options
author | Jan Kara <jack@suse.cz> | 2015-05-21 16:05:52 +0200 |
---|---|---|
committer | Al Viro <viro@zeniv.linux.org.uk> | 2015-06-24 00:01:08 +0200 |
commit | 2426f3910069ed47c0cc58559a6d088af7920201 (patch) | |
tree | 88c802202a7ae166f8da96ce3bcf43970eb314cd /fs | |
parent | fs/posix_acl.c: make posix_acl_create() safer and cleaner (diff) | |
download | linux-2426f3910069ed47c0cc58559a6d088af7920201.tar.xz linux-2426f3910069ed47c0cc58559a6d088af7920201.zip |
fs: Fix S_NOSEC handling
file_remove_suid() could mistakenly set S_NOSEC inode bit when root was
modifying the file. As a result following writes to the file by ordinary
user would avoid clearing suid or sgid bits.
Fix the bug by checking actual mode bits before setting S_NOSEC.
CC: stable@vger.kernel.org
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
Diffstat (limited to 'fs')
-rw-r--r-- | fs/inode.c | 4 |
1 files changed, 2 insertions, 2 deletions
diff --git a/fs/inode.c b/fs/inode.c index e8d62688ed91..07f4cb5eab4b 100644 --- a/fs/inode.c +++ b/fs/inode.c @@ -1706,8 +1706,8 @@ int file_remove_suid(struct file *file) error = security_inode_killpriv(dentry); if (!error && killsuid) error = __remove_suid(dentry, killsuid); - if (!error && (inode->i_sb->s_flags & MS_NOSEC)) - inode->i_flags |= S_NOSEC; + if (!error) + inode_has_no_xattr(inode); return error; } |