Executeable permission check always returned sucessful
even when executeable bit is not set on any of the user,
group or others. This patch fixes it by overiding
executeable permission check for root only if one of
the executeable bit is set
Signed-off-by: Kotresh HR <khiremat@redhat.com>
Fixes: https://tracker.ceph.com/issues/50060
(cherry picked from commit
b20ec2978cd3e16be9f45f1b7860bdae3c738147)
Conflicts:
src/client/Client.cc: The commit
6aa78836548f (cephfs errno aliases) is not present in
nautilus and some other trivial conflict, may be because some patches are missing
in nautilus.
#define DEBUG_GETATTR_CAPS (CEPH_CAP_XATTR_SHARED)
+#ifndef S_IXUGO
+#define S_IXUGO (S_IXUSR|S_IXGRP|S_IXOTH)
+#endif
+
void client_flush_set_callback(void *p, ObjectCacher::ObjectSet *oset)
{
Client *client = static_cast<Client*>(p);
int Client::inode_permission(Inode *in, const UserPerm& perms, unsigned want)
{
- if (perms.uid() == 0)
+ if (perms.uid() == 0) {
+ // Executable are overridable when there is at least one exec bit set
+ if((want & MAY_EXEC) && !(in->mode & S_IXUGO))
+ return -EACCES;
return 0;
+ }
if (perms.uid() != in->uid && (in->mode & S_IRWXG)) {
int ret = _posix_acl_permission(in, perms, want);