staging/lustre: fix permission problem of setfacl

Setxattr does not check the permission when setting ACL xattrs. This will cause security problem because any user can walk around permission checking by changing ACL rules. Signed-off-by: Li Xi <lixi@ddn.com> Reviewed-on: http://review.whamcloud.com/9473 Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-4704 Reviewed-by: Andreas Dilger <andreas.dilger@intel.com> Reviewed-by: Bob Glossman <bob.glossman@intel.com> Reviewed-by: John L. Hammond <john.hammond@intel.com> Signed-off-by: Oleg Drokin <oleg.drokin@intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2026-05-09 06:41:06 -04:00 · 2014-04-27 13:06:43 -04:00
parent e55c447647
commit 0667dfffc7
1 changed files with 5 additions and 0 deletions
--- a/drivers/staging/lustre/lustre/llite/xattr.c
+++ b/drivers/staging/lustre/lustre/llite/xattr.c
@@ -124,6 +124,11 @@ int ll_setxattr_common(struct inode *inode, const char *name,
 	if (rc)
 		return rc;

+	if ((xattr_type == XATTR_ACL_ACCESS_T ||
+	     xattr_type == XATTR_ACL_DEFAULT_T) &&
+	    !inode_owner_or_capable(inode))
+		return -EPERM;
+
 	/* b10667: ignore lustre special xattr for now */
 	if ((xattr_type == XATTR_TRUSTED_T && strcmp(name, "trusted.lov") == 0) ||
 	    (xattr_type == XATTR_LUSTRE_T && strcmp(name, "lustre.lov") == 0))