Issue 8 in chironfs: Security problem?

0 views

Skip to first unread message

codesite...@google.com

unread,

Oct 23, 2007, 12:22:18 AM10/23/07

to chiron...@googlegroups.com

Issue 8: Security problem?
http://code.google.com/p/chironfs/issues/detail?id=8

Comment #2 by luisfurquim:
Bug fixed. Changed the access checking model and it is now being made by
centralized functions for all wrappers. A test program tried to access many
files and directories both in virtual Chiron FS mountpoint and an ext3
mountpoint. the results were compared. There is one difference between them
when the caller calls utime passing NULL as the pointer to the utimbuf struct.
According to gnu.org at
http://www.gnu.org/software/libc/manual/html_node/File-Times.html , it
should let an unprivileged user and not the owner of the file change
its time
if it has write permissions to do so. ChironFS denies this writing
because the
FUSE framework isn't passing NULL in the utimbuf struct. It will be
fixed in
FUSE in the next kernel release. Check
http://article.gmane.org/gmane.comp.file-systems.fuse.devel/5246 for details.

Issue attribute updates:
Status: Fixed

--
You received this message because you are listed in the owner
or CC fields of this issue, or because you starred this issue.
You may adjust your issue notification preferences at:
http://code.google.com/hosting/settings

Reply all

Reply to author

Forward

0 new messages