2185710 – client: clear the suid/sgid in fallocate path

Bug 2185710 - client: clear the suid/sgid in fallocate path

Summary: client: clear the suid/sgid in fallocate path

Keywords:
Status:	CLOSED ERRATA
Alias:	None
Product:	Red Hat Ceph Storage
Classification:	Red Hat Storage
Component:	CephFS
Sub Component:
Version:	6.0
Hardware:	Unspecified
OS:	Unspecified
Priority:	unspecified
Severity:	high
Target Milestone:	---
Target Release:	6.1z1
Assignee:	Xiubo Li
QA Contact:	Hemanth Kumar
Docs Contact:	Akash Raj
URL:
Whiteboard:
Depends On:
Blocks:	2221020
TreeView+	depends on / blocked

Reported:	2023-04-11 04:22 UTC by Xiubo Li
Modified:	2023-08-03 16:46 UTC (History)
CC List:	7 users (show)
Fixed In Version:	ceph-17.2.6-87.el9cp
Doc Type:	Bug Fix
Doc Text:	.The _fallocate_ path clears the `suid`/`sgid` if an unprivileged user changes the file Previously, the _fallocate_ path would not clear the `suid`/`sgid` if an unprivileged user changed the file. There is no Posix item that requires clearing the `suid`/`sgid` in _fallocate_ path but this is the default behaviour for most of the filesystems and the VFS layer. So, the user space `libcephfs` client would not comply with most filesystems in the kernel and this could be easily hacked. With this fix, the _fallocate_ path clears the `suid`/`sgid` if an unprivileged user changes the file, making the user space `libcephfs` client comply with most other filesystems and fix the attack hole.
Clone Of:
Environment:
Last Closed:	2023-08-03 16:45:09 UTC
Embargoed:
Dependent Products:

Attachments	(Terms of Use)

Links
System	ID	Priority	Status	Summary	Last Updated
Ceph Project Bug Tracker	58680	None	None	None	2023-04-11 04:23:53 UTC
Red Hat Issue Tracker	RHCEPH-6404	None	None	None	2023-04-11 04:23:18 UTC
Red Hat Product Errata	RHBA-2023:4473	None	None	None	2023-08-03 16:46:18 UTC

Description Xiubo Li 2023-04-11 04:22:24 UTC

There is no Posix item requires that we should clear the suid/sgid
in fallocate code path but this is the default behaviour for most of
the filesystems and the VFS layer. And also the same for the write
code path, which have already support it.

Fixes: https://tracker.ceph.com/issues/58680

Comment 12 errata-xmlrpc 2023-08-03 16:45:09 UTC

Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory (Red Hat Ceph Storage 6.1 Bug Fix update), and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2023:4473

Note You need to log in before you can comment on or make changes to this bug.