forked from Minki/linux
864f0f61f8
All nfsd security depends on the security checks in fh_verify, and especially on nfsd_setuser(). It therefore bothers me that the nfsd_setuser call may be made from three different places, depending on whether the filehandle has already been mapped to a dentry, and on whether subtreechecking is in force. Instead, make an unconditional call in fh_verify(), so it's trivial to verify that the call always occurs. That leaves us with a redundant nfsd_setuser() call in the subtreecheck case--it needs the correct user set earlier in order to check execute permissions on the path to this filehandle--but I'm willing to accept that minor inefficiency in the subtreecheck case in return for more straightforward permission checking. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> |
||
|---|---|---|
| .. | ||
| auth.c | ||
| auth.h | ||
| export.c | ||
| Kconfig | ||
| lockd.c | ||
| Makefile | ||
| nfs2acl.c | ||
| nfs3acl.c | ||
| nfs3proc.c | ||
| nfs3xdr.c | ||
| nfs4acl.c | ||
| nfs4callback.c | ||
| nfs4idmap.c | ||
| nfs4proc.c | ||
| nfs4recover.c | ||
| nfs4state.c | ||
| nfs4xdr.c | ||
| nfscache.c | ||
| nfsctl.c | ||
| nfsfh.c | ||
| nfsproc.c | ||
| nfssvc.c | ||
| nfsxdr.c | ||
| stats.c | ||
| vfs.c | ||
| vfs.h | ||