fusefrontend: Don't chown gocryptfs.diriv files.

The current code has a risk of race-conditions, since we pass a path
containing "/" to Fchownat. We could fix this by opening a file descriptor,
however, this does not seem worth the effort. We also don't chown *.name files.
This commit is contained in:
Sebastian Lackner 2019-01-09 02:40:10 +01:00
parent fcaca5fc94
commit 669322482a
2 changed files with 3 additions and 21 deletions

View File

@ -5,7 +5,6 @@ package fusefrontend
import (
"os"
"path/filepath"
"sync"
"syscall"
"time"
@ -326,19 +325,8 @@ func (fs *FS) Chown(path string, uid uint32, gid uint32, context *fuse.Context)
return fuse.ToStatus(err)
}
defer syscall.Close(dirfd)
code = fuse.ToStatus(syscallcompat.Fchownat(dirfd, cName, int(uid), int(gid), unix.AT_SYMLINK_NOFOLLOW))
if !code.Ok() {
return code
}
if !fs.args.PlaintextNames {
// When filename encryption is active, every directory contains
// a "gocryptfs.diriv" file. This file should also change the owner.
// Instead of checking if "cName" is a directory, we just blindly
// execute the chown on "cName/gocryptfs.diriv" and ignore errors.
dirIVPath := filepath.Join(cName, nametransform.DirIVFilename)
syscallcompat.Fchownat(dirfd, dirIVPath, int(uid), int(gid), unix.AT_SYMLINK_NOFOLLOW)
}
return fuse.OK
err = syscallcompat.Fchownat(dirfd, cName, int(uid), int(gid), unix.AT_SYMLINK_NOFOLLOW)
return fuse.ToStatus(err)
}
// Mknod - FUSE call. Create a device file.

View File

@ -5,7 +5,6 @@ package fusefrontend
import (
"fmt"
"io"
"path/filepath"
"runtime"
"syscall"
@ -124,16 +123,11 @@ func (fs *FS) Mkdir(newPath string, mode uint32, context *fuse.Context) (code fu
err = syscallcompat.Fchownat(dirfd, cName, int(context.Owner.Uid),
int(context.Owner.Gid), unix.AT_SYMLINK_NOFOLLOW)
if err != nil {
tlog.Warn.Printf("Mkdir %q: Fchownat(1) %d:%d failed: %v", cName, context.Owner.Uid, context.Owner.Gid, err)
tlog.Warn.Printf("Mkdir %q: Fchownat %d:%d failed: %v", cName, context.Owner.Uid, context.Owner.Gid, err)
// In case of a failure, we don't want to proceed setting more
// permissive modes.
return fuse.ToStatus(err)
}
err = syscallcompat.Fchownat(dirfd, filepath.Join(cName, nametransform.DirIVFilename),
int(context.Owner.Uid), int(context.Owner.Gid), unix.AT_SYMLINK_NOFOLLOW)
if err != nil {
tlog.Warn.Printf("Mkdir %q: Fchownat(2) %d:%d failed: %v", cName, context.Owner.Uid, context.Owner.Gid, err)
}
}
// Set mode
if origMode != mode {