diff options
| author | Linus Torvalds <torvalds@woody.linux-foundation.org> | 2008-01-12 14:06:34 -0800 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@suse.de> | 2008-01-14 12:17:39 -0800 |
| commit | 3093d39c9361dae001efaea9279b0b23e38f049c (patch) | |
| tree | 7ca512fdc26750ad38d4186c5ca733c48f60067e /drivers/video/epson1355fb.c | |
| parent | eae2a53f7fea8c99fa56c2b1d8b554507fab4ad7 (diff) | |
Use access mode instead of open flags to determine needed permissions (CVE-2008-0001)
patch 974a9f0b47da74e28f68b9c8645c3786aa5ace1a in mainline
Way back when (in commit 834f2a4a1554dc5b2598038b3fe8703defcbe467, aka
"VFS: Allow the filesystem to return a full file pointer on open intent"
to be exact), Trond changed the open logic to keep track of the original
flags to a file open, in order to pass down the the intent of a dentry
lookup to the low-level filesystem.
However, when doing that reorganization, it changed the meaning of
namei_flags, and thus inadvertently changed the test of access mode for
directories (and RO filesystem) to use the wrong flag. So fix those
test back to use access mode ("acc_mode") rather than the open flag
("flag").
Issue noticed by Bill Roman at Datalight.
Reported-and-tested-by: Bill Roman <bill.roman@datalight.com>
Acked-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Acked-by: Al Viro <viro@ZenIV.linux.org.uk>
Cc: Christoph Hellwig <hch@lst.de>
Cc: Andrew Morton <akpm@linux-foundation.org>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
Diffstat (limited to 'drivers/video/epson1355fb.c')
0 files changed, 0 insertions, 0 deletions