Red Hat Bugzilla – Bug 323111
GFS1: security_eo_get() uses permission() when it should use security_inode_getxattr()
Last modified: 2010-01-11 22:27:46 EST
Reassigning to Ryan Ohara because he now has bug #307431 and this is
really the same issue.
Removed calls to permission() from xattr ops. The permission() checks are
handled in the VFS layer, so there is no need for gfs to repeat this step.
Also note that checking permission() is incorrect for SELinux xattrs. The
correct permission check is done via the security_inode_getxattr(), etc. calls,
which are also done in the VFS layer.
Planning on removing GFS-kernel. Moving all bugs to gfs-kmod.
An advisory has been issued which should help the problem
described in this bug report. This report is therefore being
closed with a resolution of ERRATA. For more information
on the solution and/or where to find the updated files,
please follow the link below. You may reopen this bug report
if the solution does not work for you.