fd2498211a
The AFS_ACE_READ and AFS_ACE_WRITE permission bits should not be used to make access decisions for the directory itself. They are meant to control access for the objects contained in that directory. Reading a directory is allowed if the AFS_ACE_LOOKUP bit is set. This would cause an incorrect access denied error for a directory with AFS_ACE_LOOKUP but not AFS_ACE_READ. The AFS_ACE_WRITE bit does not allow operations that modify the directory. For a directory with AFS_ACE_WRITE but neither AFS_ACE_INSERT nor AFS_ACE_DELETE, this would result in trying operations that would ultimately be denied by the server. Signed-off-by: Marc Dionne <marc.dionne@auristor.com> Signed-off-by: David Howells <dhowells@redhat.com> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org> |
||
---|---|---|
.. | ||
afs_cm.h | ||
afs_fs.h | ||
afs_vl.h | ||
afs.h | ||
cache.c | ||
callback.c | ||
cell.c | ||
cmservice.c | ||
dir.c | ||
file.c | ||
flock.c | ||
fsclient.c | ||
inode.c | ||
internal.h | ||
Kconfig | ||
main.c | ||
Makefile | ||
misc.c | ||
mntpt.c | ||
netdevices.c | ||
proc.c | ||
rxrpc.c | ||
security.c | ||
server.c | ||
super.c | ||
vlclient.c | ||
vlocation.c | ||
vnode.c | ||
volume.c | ||
write.c |