/[base]
ViewVC logotype

Revision 345781

Jump to revision: Previous Next
Author: asomers
Date: Mon Apr 1 20:42:15 2019 UTC (5 years, 3 months ago)
Changed paths: 9
Log Message: 
fusefs: send FUSE_OPEN for every open(2) with unique credentials

By default, FUSE performs authorization in the server.  That means that it's
insecure for the client to reuse FUSE file handles between different users,
groups, or processes.  Linux handles this problem by creating a different
FUSE file handle for every file descriptor.  FreeBSD can't, due to
differences in our VFS design.

This commit adds credential information to each fuse_filehandle.  During
open(2), fusefs will now only reuse a file handle if it matches the exact
same access mode, pid, uid, and gid of the calling process.

PR:		236844
Sponsored by:	The FreeBSD Foundation

Changed paths

Path Details
Directoryprojects/fuse2/sys/fs/fuse/fuse_file.c modified , text changed
Directoryprojects/fuse2/sys/fs/fuse/fuse_file.h modified , text changed
Directoryprojects/fuse2/sys/fs/fuse/fuse_io.c modified , text changed
Directoryprojects/fuse2/sys/fs/fuse/fuse_io.h modified , text changed
Directoryprojects/fuse2/sys/fs/fuse/fuse_node.c modified , text changed
Directoryprojects/fuse2/sys/fs/fuse/fuse_node.h modified , text changed
Directoryprojects/fuse2/sys/fs/fuse/fuse_vnops.c modified , text changed
Directoryprojects/fuse2/tests/sys/fs/fusefs/allow_other.cc modified , text changed
Directoryprojects/fuse2/tests/sys/fs/fusefs/open.cc modified , text changed
  ViewVC Help
Powered by ViewVC 1.1.27