Return-Path: Message-ID: <4A0A89BD.3030607@redhat.com> Date: Wed, 13 May 2009 16:50:05 +0800 From: Eugene Teo To: Frank Filz Subject: Re: [PATCH] nfs: Fix NFS v4 client handling of MAY_EXEC in nfs_permission. References: <1241837734.2404.4.camel@dyn9047022153> In-Reply-To: <1241837734.2404.4.camel@dyn9047022153> Cc: linux-nfs@vger.kernel.org, nfsv4@linux-nfs.org List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Content-Type: text/plain; charset="us-ascii" Sender: nfsv4-bounces@linux-nfs.org Errors-To: nfsv4-bounces@linux-nfs.org MIME-Version: 1.0 List-ID: Frank Filz wrote: > The problem is that permission checking is skipped if atomic open is > possible, but when exec opens a file, it just opens it O_READONLY which > means EXEC permission will not be checked at that time. > > This problem is observed by the following sequence (executed as root): > > mount -t nfs4 server:/ /mnt4 > echo "ls" >/mnt4/foo > chmod 744 /mnt4/foo > su guest -c "mnt4/foo" > > Signed-off-by: Frank Filz Tested-by: Eugene Teo I have tested this on 2.6.29.3, and I can confirm that the patch fixed the problem. Btw, this looks like the same problem that was reported in 2006: http://linux-nfs.org/pipermail/nfsv4/2006-November/005323.html http://linux-nfs.org/pipermail/nfsv4/2006-November/005313.html http://bugzilla.linux-nfs.org/show_bug.cgi?id=131 Thanks, Eugene _______________________________________________ NFSv4 mailing list NFSv4@linux-nfs.org http://linux-nfs.org/cgi-bin/mailman/listinfo/nfsv4