forked from Minki/linux
864f0f61f8
All nfsd security depends on the security checks in fh_verify, and especially on nfsd_setuser(). It therefore bothers me that the nfsd_setuser call may be made from three different places, depending on whether the filehandle has already been mapped to a dentry, and on whether subtreechecking is in force. Instead, make an unconditional call in fh_verify(), so it's trivial to verify that the call always occurs. That leaves us with a redundant nfsd_setuser() call in the subtreecheck case--it needs the correct user set earlier in order to check execute permissions on the path to this filehandle--but I'm willing to accept that minor inefficiency in the subtreecheck case in return for more straightforward permission checking. Signed-off-by: J. Bruce Fields <bfields@citi.umich.edu> |
||
---|---|---|
.. | ||
auth.c | ||
auth.h | ||
export.c | ||
Kconfig | ||
lockd.c | ||
Makefile | ||
nfs2acl.c | ||
nfs3acl.c | ||
nfs3proc.c | ||
nfs3xdr.c | ||
nfs4acl.c | ||
nfs4callback.c | ||
nfs4idmap.c | ||
nfs4proc.c | ||
nfs4recover.c | ||
nfs4state.c | ||
nfs4xdr.c | ||
nfscache.c | ||
nfsctl.c | ||
nfsfh.c | ||
nfsproc.c | ||
nfssvc.c | ||
nfsxdr.c | ||
stats.c | ||
vfs.c | ||
vfs.h |