ovl: dilute permission checks on lower only if not special file
Right now if file is on lower/, we remove MAY_WRITE/MAY_APPEND bits from mask as lower/ will never be written and file will be copied up. But this is not true for special files. These files are not copied up and are opened in place. So don't dilute the checks for these types of files. Reported-by: Dan Walsh <dwalsh@redhat.com> Signed-off-by: Vivek Goyal <vgoyal@redhat.com> Signed-off-by: Miklos Szeredi <mszeredi@redhat.com>
This commit is contained in:
parent
d837a49bd5
commit
e29841a0ab
@ -137,7 +137,7 @@ int ovl_permission(struct inode *inode, int mask)
|
||||
return err;
|
||||
|
||||
old_cred = ovl_override_creds(inode->i_sb);
|
||||
if (!is_upper)
|
||||
if (!is_upper && !special_file(realinode->i_mode))
|
||||
mask &= ~(MAY_WRITE | MAY_APPEND);
|
||||
err = inode_permission(realinode, mask);
|
||||
revert_creds(old_cred);
|
||||
|
Loading…
Reference in New Issue
Block a user