From 4d36624a22c0467ce1b38760c9ae5ab043e26425 Mon Sep 17 00:00:00 2001 From: Andreas Gruenbacher Date: Fri, 27 May 2011 14:50:36 +0200 Subject: [PATCH] --- yaml --- r: 252702 b: refs/heads/master c: 55b23bde19c08f14127a27d461a4e079942c7258 h: refs/heads/master v: v3 --- [refs] | 2 +- trunk/fs/xattr.c | 16 ++++++++++------ 2 files changed, 11 insertions(+), 7 deletions(-) diff --git a/[refs] b/[refs] index 55277180021d..381c569265bd 100644 --- a/[refs] +++ b/[refs] @@ -1,2 +1,2 @@ --- -refs/heads/master: aa38572954ade525817fe88c54faebf85e5a61c0 +refs/heads/master: 55b23bde19c08f14127a27d461a4e079942c7258 diff --git a/trunk/fs/xattr.c b/trunk/fs/xattr.c index f1ef94974dea..4be2e7666d02 100644 --- a/trunk/fs/xattr.c +++ b/trunk/fs/xattr.c @@ -46,18 +46,22 @@ xattr_permission(struct inode *inode, const char *name, int mask) return 0; /* - * The trusted.* namespace can only be accessed by a privileged user. + * The trusted.* namespace can only be accessed by privileged users. */ - if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) - return (capable(CAP_SYS_ADMIN) ? 0 : -EPERM); + if (!strncmp(name, XATTR_TRUSTED_PREFIX, XATTR_TRUSTED_PREFIX_LEN)) { + if (!capable(CAP_SYS_ADMIN)) + return (mask & MAY_WRITE) ? -EPERM : -ENODATA; + return 0; + } - /* In user.* namespace, only regular files and directories can have + /* + * In the user.* namespace, only regular files and directories can have * extended attributes. For sticky directories, only the owner and - * privileged user can write attributes. + * privileged users can write attributes. */ if (!strncmp(name, XATTR_USER_PREFIX, XATTR_USER_PREFIX_LEN)) { if (!S_ISREG(inode->i_mode) && !S_ISDIR(inode->i_mode)) - return -EPERM; + return (mask & MAY_WRITE) ? -EPERM : -ENODATA; if (S_ISDIR(inode->i_mode) && (inode->i_mode & S_ISVTX) && (mask & MAY_WRITE) && !inode_owner_or_capable(inode)) return -EPERM;