From e570b2ee20969c18f6c18a8842baf9f8e6af4a9d Mon Sep 17 00:00:00 2001 From: "J. Bruce Fields" Date: Wed, 6 Jun 2012 12:12:57 -0400 Subject: [PATCH] --- yaml --- r: 320393 b: refs/heads/master c: d91d0b569044ab366895d587d4811b154dd7d7f5 h: refs/heads/master i: 320391: e59c0baefe166f369be299780c472572b3f7f4ca v: v3 --- [refs] | 2 +- trunk/fs/nfsd/vfs.c | 10 +++++++++- 2 files changed, 10 insertions(+), 2 deletions(-) diff --git a/[refs] b/[refs] index 71e814729b01..759b00e48d8f 100644 --- a/[refs] +++ b/[refs] @@ -1,2 +1,2 @@ --- -refs/heads/master: 74dbafaf5d84b5187e50dbe82442ec8df66d55b3 +refs/heads/master: d91d0b569044ab366895d587d4811b154dd7d7f5 diff --git a/trunk/fs/nfsd/vfs.c b/trunk/fs/nfsd/vfs.c index c8bd9c3be7f7..3256b5c324bc 100644 --- a/trunk/fs/nfsd/vfs.c +++ b/trunk/fs/nfsd/vfs.c @@ -757,8 +757,16 @@ nfsd_open(struct svc_rqst *rqstp, struct svc_fh *fhp, umode_t type, * If we get here, then the client has already done an "open", * and (hopefully) checked permission - so allow OWNER_OVERRIDE * in case a chmod has now revoked permission. + * + * Arguably we should also allow the owner override for + * directories, but we never have and it doesn't seem to have + * caused anyone a problem. If we were to change this, note + * also that our filldir callbacks would need a variant of + * lookup_one_len that doesn't check permissions. */ - err = fh_verify(rqstp, fhp, type, may_flags | NFSD_MAY_OWNER_OVERRIDE); + if (type == S_IFREG) + may_flags |= NFSD_MAY_OWNER_OVERRIDE; + err = fh_verify(rqstp, fhp, type, may_flags); if (err) goto out;