[Gluster-devel] Fixing setfsuid/gid problems in posix xlator
Soumya Koduri
skoduri at redhat.com
Fri Sep 23 07:00:31 UTC 2016
On 09/23/2016 08:28 AM, Pranith Kumar Karampuri wrote:
> hi,
> Jiffin found an interesting problem in posix xlator where we have
> never been using setfsuid/gid (http://review.gluster.org/#/c/15545/),
> what I am seeing regressions after this is, if the files are created
> using non-root user then the file creation fails because that user
> doesn't have permissions to create the gfid-link. So it seems like the
> correct way forward for this patch is to write wrappers around
> sys_<syscall> to do setfsuid/gid do the actual operation requested and
> then set it back to old uid/gid and then do the internal operations. I
> am planning to write posix_sys_<syscall>() to do the same, may be a macro?.
Why not otherwise around? As in can we switch to superuser when required
so that we know what all internal operations need root access and avoid
misusing it.
Thanks,
Soumya
> I need inputs from you guys to let me know if I am on the right path
> and if you see any issues with this approach.
>
> --
> Pranith
>
>
> _______________________________________________
> Gluster-devel mailing list
> Gluster-devel at gluster.org
> http://www.gluster.org/mailman/listinfo/gluster-devel
>
More information about the Gluster-devel
mailing list