diff options
| author | Linus Torvalds <[email protected]> | 2019-12-07 16:59:25 -0800 | 
|---|---|---|
| committer | Linus Torvalds <[email protected]> | 2019-12-07 16:59:25 -0800 | 
| commit | 316933cf74b07c6fedcbb0de4564af82f0820a43 (patch) | |
| tree | e29b35a0275d68b04a638abbcf231cb1e671d2a2 /lib/assoc_array.c | |
| parent | 911d137ab027e6dac03695bfe71702e64b6aa161 (diff) | |
| parent | f9bbb68233aa5bd5ef238bd3532fddf92fa1b53c (diff) | |
Merge tag 'for-linus-5.5-ofs1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux
Pull orangefs update from Mike Marshall:
 "orangefs: posix open permission checking...
  Orangefs has no open, and orangefs checks file permissions on each
  file access. Posix requires that file permissions be checked on open
  and nowhere else. Orangefs-through-the-kernel needs to seem posix
  compliant.
  The VFS opens files, even if the filesystem provides no method. We can
  see if a file was successfully opened for read and or for write by
  looking at file->f_mode.
  When writes are flowing from the page cache, file is no longer
  available. We can trust the VFS to have checked file->f_mode before
  writing to the page cache.
  The mode of a file might change between when it is opened and IO
  commences, or it might be created with an arbitrary mode.
  We'll make sure we don't hit EACCES during the IO stage by using
  UID 0"
[ This is "posixish", but not a great solution in the long run, since a
  proper secure network server shouldn't really trust the client like this.
  But proper and secure POSIX behavior requires an open method and a
  resulting cookie for IO of some kind, or similar.    - Linus ]
* tag 'for-linus-5.5-ofs1' of git://git.kernel.org/pub/scm/linux/kernel/git/hubcap/linux:
  orangefs: posix open permission checking...
Diffstat (limited to 'lib/assoc_array.c')
0 files changed, 0 insertions, 0 deletions