1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
|
From 02fd2e6a7c708bf973209f9b238c5c61cbf15239 Mon Sep 17 00:00:00 2001
From: Alan Cox <alan@linux.intel.com>
Date: Thu, 10 Mar 2016 15:11:28 +0000
Subject: [PATCH 114/114] xattr: allow setting user.* attributes on symlinks by
owner
Kvmtool and clear containers supports using user attributes to label host
files with the virtual uid/guid of the file in the container. This allows an
end user to manage their files and a complete uid space without all the ugly
namespace stuff.
The one gap in the support is symlinks because an end user can change the
ownership of a symbolic link. We support attributes on these files as you
can already (as root) set security attributes on them.
The current rules seem slightly over-paranoid and as we have a use case this
patch enables updating the attributes on a symbolic link IFF you are the
owner of the synlink (as permissions are not usually meaningful on the link
itself).
Signed-off-by: Alan Cox <alan@linux.intel.com>
---
fs/xattr.c | 14 ++++++++------
1 file changed, 8 insertions(+), 6 deletions(-)
diff --git a/fs/xattr.c b/fs/xattr.c
index 7e3317cf4045..e005c30acb2c 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -118,15 +118,17 @@ xattr_permission(struct inode *inode, const char *name, int mask)
}
/*
- * In the user.* namespace, only regular files and directories can have
- * extended attributes. For sticky directories, only the owner and
- * privileged users can write attributes.
+ * In the user.* namespace, only regular files, symbolic links, and
+ * directories can have extended attributes. For symbolic links and
+ * sticky directories, only the owner and privileged users can write
+ * attributes.
*/
if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) {
- if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode))
+ if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode) && !S_ISLNK(inode->i_mode))
return (mask & MAY_WRITE) ? -EPERM : -ENODATA;
- if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) &&
- (mask & MAY_WRITE) && !inode_owner_or_capable(inode))
+ if (((S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX))
+ || S_ISLNK(inode->i_mode)) && (mask & MAY_WRITE)
+ && !inode_owner_or_capable(inode))
return -EPERM;
}
--
2.11.1
|
