Re: [PATCH v2 1/1] OverlayFS: Fix checking permissions during lookup.

2016-03-19 Thread Miklos Szeredi
On Mon, Feb 29, 2016 at 05:54:40PM +0100, Ignacy Gawędzki wrote: > On Mon, Feb 29, 2016 at 11:25:46AM -0500, thus spake Vivek Goyal: > > I agree that semantics should be more consistent. I don't know that > > if upper layer should override lower layer checks or not. > > > > One could also argue th

Re: [PATCH v2 1/1] OverlayFS: Fix checking permissions during lookup.

2016-02-29 Thread Ignacy Gawędzki
On Mon, Feb 29, 2016 at 11:25:46AM -0500, thus spake Vivek Goyal: > I agree that semantics should be more consistent. I don't know that > if upper layer should override lower layer checks or not. > > One could also argue that if root did chown, then changes effectively > happened in upper layer an

Re: [PATCH v2 1/1] OverlayFS: Fix checking permissions during lookup.

2016-02-29 Thread Vivek Goyal
On Sat, Feb 27, 2016 at 01:40:02PM +0300, Nazarov Sergey wrote: > 26.02.2016, 22:41, "Vivek Goyal" : > > > > So what's the problem we are trying to solve. Why should we able to > > override the DAC checks of lower layer if same directory in upper > > is searchable for user but it is not searchable

Re: [PATCH v2 1/1] OverlayFS: Fix checking permissions during lookup.

2016-02-29 Thread Vivek Goyal
On Sun, Feb 28, 2016 at 12:09:42PM +0100, Ignacy Gawędzki wrote: > On Fri, Feb 26, 2016 at 02:41:43PM -0500, thus spake Vivek Goyal: > > CCing linux-fsdevel as it is a wider issue. > > > > > > On Wed, Feb 24, 2016 at 02:55:52PM +0100, Ignacy Gawędzki wrote: > > > Add alternate lookup_one_len_chec

Re: [PATCH v2 1/1] OverlayFS: Fix checking permissions during lookup.

2016-02-28 Thread Ignacy Gawędzki
On Fri, Feb 26, 2016 at 02:41:43PM -0500, thus spake Vivek Goyal: > CCing linux-fsdevel as it is a wider issue. > > > On Wed, Feb 24, 2016 at 02:55:52PM +0100, Ignacy Gawędzki wrote: > > Add alternate lookup_one_len_check function to fs/namei.c which does > > what lookup_one_len did until now wit

Re: [PATCH v2 1/1] OverlayFS: Fix checking permissions during lookup.

2016-02-27 Thread Nazarov Sergey
26.02.2016, 22:41, "Vivek Goyal" : > > So what's the problem we are trying to solve. Why should we able to > override the DAC checks of lower layer if same directory in upper > is searchable for user but it is not searchable in lower layer. > If I right, this is a one of the main feature of overla

Re: [PATCH v2 1/1] OverlayFS: Fix checking permissions during lookup.

2016-02-26 Thread Vivek Goyal
CCing linux-fsdevel as it is a wider issue. On Wed, Feb 24, 2016 at 02:55:52PM +0100, Ignacy Gawędzki wrote: > Add alternate lookup_one_len_check function to fs/namei.c which does > what lookup_one_len did until now with a boolean argument telling > whether to check that the base directory is tra

[PATCH v2 1/1] OverlayFS: Fix checking permissions during lookup.

2016-02-24 Thread Ignacy Gawędzki
Add alternate lookup_one_len_check function to fs/namei.c which does what lookup_one_len did until now with a boolean argument telling whether to check that the base directory is traversable. Modify original lookup_one_len function to call the former with true as the last argument. In function ov