Back to bug 2185710
| Who | When | What | Removed | Added |
|---|---|---|---|---|
| Xiubo Li | 2023-04-11 04:23:11 UTC | Assignee | vshankar | xiubli |
| Red Hat One Jira (issues.redhat.com) | 2023-04-11 04:23:18 UTC | Link ID | Red Hat Issue Tracker RHCEPH-6404 | |
| Xiubo Li | 2023-04-11 04:23:53 UTC | Link ID | Ceph Project Bug Tracker 58680 | |
| Xiubo Li | 2023-05-23 02:03:18 UTC | Status | NEW | ASSIGNED |
| Greg Farnum | 2023-07-12 01:59:39 UTC | Status | ASSIGNED | POST |
| CC | gfarnum | |||
| Hemanth Kumar | 2023-07-12 05:02:58 UTC | CC | hyelloji, tserlin, vereddy | |
| Status | POST | MODIFIED | ||
| Fixed In Version | ceph-17.2.6-87.el9cp | |||
| Flags | needinfo?(hyelloji) | |||
| Flags | needinfo?(vereddy) | |||
| Flags | needinfo?(hyelloji) needinfo?(vereddy) | |||
| errata-xmlrpc | 2023-07-12 05:16:21 UTC | Status | MODIFIED | ON_QA |
| Akash Raj | 2023-07-13 17:39:40 UTC | CC | akraj | |
| Docs Contact | akraj | |||
| Flags | needinfo?(xiubli) | |||
| Blocks | 2221020 | |||
| Hemanth Kumar | 2023-07-13 19:26:37 UTC | Status | ON_QA | VERIFIED |
| Xiubo Li | 2023-07-14 00:48:32 UTC | Doc Type | If docs needed, set a value | Bug Fix |
| Doc Text | Cause: The fallocate path won't clear the suid/sgid if an unprivileged user changed the file. Consequence: There is no Posix item requires that we should clear the suid/sgid in fallocate code path but this is the default behaviour for most of the filesystems and the VFS layer. So user space libcephfs client won't comply with the most filesystems in kernel and also this could be attacked easily by hacker. Fix: The fallocate path will try to clear the suid/sgid if a unprivileged user changed the file. Result: Making the user space libcephfs client comply with most other filesystems and fix the attack hole. | |||
| Flags | needinfo?(xiubli) | |||
| Akash Raj | 2023-07-14 10:48:16 UTC | Flags | needinfo?(xiubli) | |
| Doc Text | Cause: The fallocate path won't clear the suid/sgid if an unprivileged user changed the file. Consequence: There is no Posix item requires that we should clear the suid/sgid in fallocate code path but this is the default behaviour for most of the filesystems and the VFS layer. So user space libcephfs client won't comply with the most filesystems in kernel and also this could be attacked easily by hacker. Fix: The fallocate path will try to clear the suid/sgid if a unprivileged user changed the file. Result: Making the user space libcephfs client comply with most other filesystems and fix the attack hole. | .The _fallocate_ path clears the `suid`/`sgid` if an unprivileged user changes the file Previously, the _fallocate_ path would not clear the `suid`/`sgid` if an unprivileged user changed the file. There is no Posix item that requires clearing the `suid`/`sgid` in _fallocate_ path but this is the default behaviour for most of the filesystems and the VFS layer. So, the user space `libcephfs` client would not comply with most filesystems in the kernel and this could be easily hacked. With this fix, the _fallocate_ path clears the `suid`/`sgid` if an unprivileged user changes the file, making the user space `libcephfs` client comply with most other filesystems and fix the attack hole. |
||
| Xiubo Li | 2023-07-14 10:53:03 UTC | Flags | needinfo?(xiubli) | |
| errata-xmlrpc | 2023-08-03 16:32:24 UTC | Status | VERIFIED | RELEASE_PENDING |
| errata-xmlrpc | 2023-08-03 16:45:09 UTC | Resolution | --- | ERRATA |
| Status | RELEASE_PENDING | CLOSED | ||
| Last Closed | 2023-08-03 16:45:09 UTC | |||
| errata-xmlrpc | 2023-08-03 16:46:18 UTC | Link ID | Red Hat Product Errata RHBA-2023:4473 |
Back to bug 2185710