Linux kernel mirror (for testing) git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git

nfs: Fix NFS v4 client handling of MAY_EXEC in nfs_permission.

The problem is that permission checking is skipped if atomic open is
possible, but when exec opens a file, it just opens it O_READONLY which
means EXEC permission will not be checked at that time.

This problem is observed by the following sequence (executed as root):

mount -t nfs4 server:/ /mnt4
echo "ls" >/mnt4/foo
chmod 744 /mnt4/foo
su guest -c "mnt4/foo"

Signed-off-by: Frank Filz <ffilzlnx@us.ibm.com>
Signed-off-by: Trond Myklebust <Trond.Myklebust@netapp.com>
Cc: stable@kernel.org
Tested-by: Eugene Teo <eugeneteo@kernel.sg>
Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

Authored by Frank Filz and committed by Linus Torvalds
7ee2cb7f 36338327

+2 -1
fs/nfs/dir.c
··· 1943 1943 case S_IFREG: 1944 1944 /* NFSv4 has atomic_open... */ 1945 1945 if (nfs_server_capable(inode, NFS_CAP_ATOMIC_OPEN) 1946 - && (mask & MAY_OPEN)) 1946 + && (mask & MAY_OPEN) 1947 + && !(mask & MAY_EXEC)) 1947 1948 goto out; 1948 1949 break; 1949 1950 case S_IFDIR:
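
Review bot: the comment above the condition in the S_IFREG case still reads only `/* NFSv4 has atomic_open... */`, so nothing at the call site explains why `!(mask & MAY_EXEC)` is now carved out of the shortcut. Suggest extending that comment to record the reason given in the commit message: exec opens the file read-only, so the open does not check execute permission, and a mask carrying MAY_EXEC must not take the `goto out` path. Without that, the extra clause looks arbitrary and is easy to drop in a later cleanup of this condition.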