Commit db376e4c authored by Chris Wright's avatar Chris Wright Committed by Linus Torvalds

[PATCH] chown permission check fix for ATTR_GID

SuSE discovered this problem with chown and ATTR_GID.  Make sure user
is authorized to change the group, CAN-2004-0497.
parent 7caf4f46
...@@ -35,7 +35,8 @@ int inode_change_ok(struct inode *inode, struct iattr *attr) ...@@ -35,7 +35,8 @@ int inode_change_ok(struct inode *inode, struct iattr *attr)
/* Make sure caller can chgrp. */ /* Make sure caller can chgrp. */
if ((ia_valid & ATTR_GID) && if ((ia_valid & ATTR_GID) &&
(!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid) && (current->fsuid != inode->i_uid ||
(!in_group_p(attr->ia_gid) && attr->ia_gid != inode->i_gid)) &&
!capable(CAP_CHOWN)) !capable(CAP_CHOWN))
goto error; goto error;
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment