linux/fs/nfsd
J. Bruce Fields d91d0b5690 nfsd: allow owner_override only for regular files
We normally allow the owner of a file to override permissions checks on
IO operations, since:
	- the client will take responsibility for doing an access check
	  on open;
	- the permission checks offer no protection against malicious
	  clients--if they can authenticate as the file's owner then
	  they can always just change its permissions;
	- checking permission on each IO operation breaks the usual
	  posix rule that permission is checked only on open.

However, we've never allowed the owner to override permissions on
readdir operations, even though the above logic would also apply to
directories.  I've never heard of this causing a problem, probably
because a) simultaneously opening and creating a directory (with
restricted mode) isn't possible, and b) opening a directory, then
chmod'ing it, is rare.

Our disallowal of owner-override on directories appears to be an
accident, though--the readdir itself succeeds, and then we fail just
because lookup_one_len() calls in our filldir methods fail.

I'm not sure what the easiest fix for that would be.  For now, just make
this behavior obvious by denying the override right at the start.

This also fixes some odd v4 behavior: with the rdattr_error attribute
requested, it would perform the readdir but return an ACCES error with
each entry.

Signed-off-by: J. Bruce Fields <bfields@redhat.com>
2012-07-10 16:41:35 -04:00
..
acl.h nfsd4: remove outdated pathname-comments 2011-01-04 18:22:10 -05:00
auth.c Merge branch 'for-3.5' of git://linux-nfs.org/~bfields/linux 2012-06-01 08:32:58 -07:00
auth.h nfsd: minor fs/nfsd/auth.h cleanup 2008-02-01 16:42:05 -05:00
cache.h nfsd: turn on reply cache for NFSv4 2011-07-18 09:39:01 -04:00
current_stateid.h nfsd41: use current stateid by value 2012-02-15 11:20:45 -05:00
export.c nfsd4: move rq_flavor into svc_cred 2012-05-31 20:29:58 -04:00
fault_inject.c nfsd: return 0 on reads of fault injection files 2012-05-31 20:29:48 -04:00
fault_inject.h NFSD: Added fault injection 2011-11-07 21:10:47 -05:00
idmap.h nfsd: pass network context to idmap init/exit functions 2012-04-12 09:12:10 -04:00
Kconfig NFSD: Added fault injection 2011-11-07 21:10:47 -05:00
lockd.c nfsd: Remove deprecated nfsctl system call and related code. 2011-07-15 18:58:42 -04:00
Makefile NFSD: Added fault injection 2011-11-07 21:10:47 -05:00
netns.h nfsd: make name-to-id cache allocated per network namespace context 2012-04-12 09:12:10 -04:00
nfs2acl.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
nfs3acl.c include cleanup: Update gfp.h and slab.h includes to prepare for breaking implicit slab.h inclusion from percpu.h 2010-03-30 22:02:32 +09:00
nfs3proc.c nfsd41: make sure nfs server process OPEN with EXCLUSIVE4_1 correctly 2011-04-29 20:47:52 -04:00
nfs3xdr.c nfsd: fix compose_entry_fh() failure exits 2012-04-13 10:12:02 -04:00
nfs4acl.c fs: add export.h to files using EXPORT_SYMBOL/THIS_MODULE macros 2011-10-31 19:30:31 -04:00
nfs4callback.c nfsd4: remove unnecessary comment 2012-06-20 08:59:41 -04:00
nfs4idmap.c nfsd4: move rq_flavor into svc_cred 2012-05-31 20:29:58 -04:00
nfs4proc.c Merge branch 'for-3.4' of git://linux-nfs.org/~bfields/linux 2012-04-19 14:54:52 -07:00
nfs4recover.c Merge branch 'for-3.5' of git://linux-nfs.org/~bfields/linux 2012-06-01 08:32:58 -07:00
nfs4state.c nfsd4: release openowners on free in >=4.1 case 2012-07-10 16:41:34 -04:00
nfs4xdr.c nfsd4: our filesystems are normally case sensitive 2012-07-10 15:20:57 -04:00
nfscache.c nfsd: turn on reply cache for NFSv4 2011-07-18 09:39:01 -04:00
nfsctl.c SUNRPC: move per-net operations from svc_destroy() 2012-05-31 20:29:40 -04:00
nfsd.h nfsd: only register cld pipe notifier when CONFIG_NFSD_V4 is enabled 2012-03-29 08:01:07 -04:00
nfsfh.c nfsd: use exp_put() for svc_export_cache put 2012-04-11 17:55:02 -04:00
nfsfh.h fs: propagate umode_t, misc bits 2012-01-03 22:55:10 -05:00
nfsproc.c nfsd4: return nfs errno from name_to_id functions 2011-01-04 18:22:11 -05:00
nfssvc.c SUNRPC: move per-net operations from svc_destroy() 2012-05-31 20:29:40 -04:00
nfsxdr.c Fix common misspellings 2011-03-31 11:26:23 -03:00
state.h NFSD: TEST_STATEID should not return NFS4ERR_STALE_STATEID 2012-06-20 08:59:40 -04:00
stats.c SUNRPC: register service stats /proc entries in passed network namespace context 2012-01-31 19:28:18 -05:00
vfs.c nfsd: allow owner_override only for regular files 2012-07-10 16:41:35 -04:00
vfs.h nfsd: vfs_llseek() with 32 or 64 bit offsets (hashes) 2012-03-18 22:44:50 -04:00
xdr3.h nfsd: remove pointless paths in file headers 2009-12-15 15:01:47 -05:00
xdr4.h nfsd4: int/__be32 fixes 2012-05-31 20:29:37 -04:00
xdr.h nfsd: remove pointless paths in file headers 2009-12-15 15:01:47 -05:00