| Issue 6: | security!!! | |
| 1 person starred this issue and may be notified of changes. | Back to list |
What steps will reproduce the problem? [root] chironfs --fuseoptions allow_other --log /var/log/chironfs.log /real1=/real2 /virtual [root@nbecker4 nbecker]# exit exit [nbecker@nbecker4 ~]$ touch /virtual/more [nbecker@nbecker4 ~]$ ls -l /virtual total 0 -rw-rw-r-- 1 root root 0 2007-09-12 10:03 more -rw-r--r-- 1 root root 0 2007-09-12 09:59 stuff WTF! /virtual/more is owned by root, even though nbecker created it! That looks like a serious problem. |
|
,
Sep 12, 2007
Bug tested and reproduced.
Status: Accepted
Labels: -Priority-Medium Priority-High |
|
,
Sep 21, 2007
ChironFS was not tracking the creation of the files and, this way, was not changing the ownership of the created file/directory to the uid and gid of the calling process. Now ChironFS calls fuse_context to get that info from the calling process and changes to it right after the creation. Bug fixed.
Status: Fixed
Owner: luisfurquim Labels: -Type-Defect Security |
|
 Sign in to add a comment
|
