Re: [PATCH 3/4] listmount: small changes in semantics

[PATCH 0/4] listmount changes · Miklos Szeredi <hidden> · 2023-11-28
[PATCH 1/4] listmount: rip out flags · Miklos Szeredi <hidden> · 2023-11-28
[PATCH 2/4] listmount: list mounts in ID order · Miklos Szeredi <hidden> · 2023-11-28
[PATCH 4/4] listmount: allow continuing · Miklos Szeredi <hidden> · 2023-11-28
[PATCH 3/4] listmount: small changes in semantics · Miklos Szeredi <hidden> · 2023-11-28
Re: [PATCH 3/4] listmount: small changes in semantics · "Serge E. Hallyn" <serge@hallyn.com> · 2023-12-06
Re: [PATCH 3/4] listmount: small changes in semantics · Miklos Szeredi <miklos@szeredi.hu> · 2023-12-06
Re: [PATCH 3/4] listmount: small changes in semantics · Christian Brauner <brauner@kernel.org> · 2023-12-08
Re: [PATCH 0/4] listmount changes · Christian Brauner <brauner@kernel.org> · 2023-11-29
Re: [PATCH 0/4] listmount changes · Miklos Szeredi <miklos@szeredi.hu> · 2023-11-29
Re: [PATCH 0/4] listmount changes · Christian Brauner <brauner@kernel.org> · 2023-11-29

From: Miklos Szeredi <miklos@szeredi.hu>
Date: 2023-12-06 20:24:58
Also in: linux-fsdevel, linux-man, linux-security-module

On Wed, 6 Dec 2023 at 20:58, Serge E. Hallyn [off-list ref] wrote:

On Tue, Nov 28, 2023 at 05:03:34PM +0100, Miklos Szeredi wrote:

quoted

-     if (!is_path_reachable(m, mnt->mnt_root, &rootmnt))
-             return capable(CAP_SYS_ADMIN) ? 0 : -EPERM;
+     if (!capable(CAP_SYS_ADMIN) &&

Was there a reason to do the capable check first?  In general,
checking capable() when not needed is frowned upon, as it will
set the PF_SUPERPRIV flag.

I synchronized the permission checking with statmount() without
thinking about the order.   I guess we can change the order back in
both syscalls?

I also don't understand the reason behind the using the _noaudit()
variant.  Christian?

Thanks,
Miklos

`h`	back out one level
`j`	next message in thread
`k`	previous message in thread
`l`	drill in
`Esc`	close help / fold thread tree
`?`	toggle this help