From: Miklos Szeredi Date: Fri, 29 Apr 2005 07:38:25 +0000 (+0000) Subject: fix X-Git-Tag: fuse_2_3_pre6~2 X-Git-Url: http://git.maquefel.me/?a=commitdiff_plain;h=61139dbd44fec7d8995b761fdab7df94814b53ab;p=qemu-gpiodev%2Flibfuse.git fix --- diff --git a/kernel/dir.c b/kernel/dir.c index 4f7a83f..0912d50 100644 --- a/kernel/dir.c +++ b/kernel/dir.c @@ -433,24 +433,24 @@ int fuse_do_getattr(struct inode *inode) return err; } +/* + * Calling into a user-controlled filesystem gives the filesystem + * daemon ptrace-like capabilities over the requester process. This + * means, that the filesystem daemon is able to record the exact + * filesystem operations performed, and can also control the behavior + * of the requester process in otherwise impossible ways. For example + * it can delay the operation for arbitrary length of time allowing + * DoS against the requester. + * + * For this reason only those processes can call into the filesystem, + * for which the owner of the mount has ptrace privilege. This + * excludes processes started by other users, suid or sgid processes. + */ static int fuse_allow_task(struct fuse_conn *fc, struct task_struct *task) { if (fc->flags & FUSE_ALLOW_OTHER) return 1; - /* Calling into a user-controlled filesystem gives the - filesystem daemon ptrace-like capabilities over the - requester process. This means, that the filesystem daemon - is able to record the exact filesystem operations - performed, and can also control the behavior of the - requester process in otherwise impossible ways. For - example it can delay the operation for arbitrary length of - time allowing DoS against the requester. - - For this reason only those processes can call into the - filesystem, for which the owner of the mount has ptrace - privilege. This excludes processes started by other users, - suid or sgid processes. */ if (task->euid == fc->user_id && task->suid == fc->user_id && task->uid == fc->user_id &&