>From Vincent Saulue-Laborde <vincent.sau...@bull.net>: Vincent Saulue-Laborde has uploaded a new change for review.
https://review.gerrithub.io/233494 Change subject: 9P (security fix) : disable possible privilege escalation using lcreate ...................................................................... 9P (security fix) : disable possible privilege escalation using lcreate The lcreate function of 9p can need to send requests to cache_inode as root. The previous implementation changed the user_id in op_ctx->cred, which can be shared between worker threads. Thus other requests from the client could be executed as root if they were processed at the same time. This patch corrects the issue by using a thread local structure for lcreate. Change-Id: I870be24875d6a0bdb54ee8ea8205776b5e88b9f6 Signed-off-by: Vincent Saulue-Laborde <vincent.sau...@bull.net> --- M src/Protocols/9P/9p_lcreate.c 1 file changed, 10 insertions(+), 2 deletions(-) git pull ssh://review.gerrithub.io:29418/ffilz/nfs-ganesha refs/changes/94/233494/1 -- To view, visit https://review.gerrithub.io/233494 To unsubscribe, visit https://review.gerrithub.io/settings Gerrit-MessageType: newchange Gerrit-Change-Id: I870be24875d6a0bdb54ee8ea8205776b5e88b9f6 Gerrit-PatchSet: 1 Gerrit-Project: ffilz/nfs-ganesha Gerrit-Branch: next Gerrit-Owner: Vincent Saulue-Laborde <vincent.sau...@bull.net> ------------------------------------------------------------------------------ One dashboard for servers and applications across Physical-Virtual-Cloud Widest out-of-the-box monitoring support with 50+ applications Performance metrics, stats and reports that give you Actionable Insights Deep dive visibility with transaction tracing using APM Insight. http://ad.doubleclick.net/ddm/clk/290420510;117567292;y _______________________________________________ Nfs-ganesha-devel mailing list Nfs-ganesha-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/nfs-ganesha-devel
