I have found a minor bug around permission or creat/open.
Usually linux prohibits opening the running executable file for
writing. This mechanism is based upon a member of struct inode. And
there are multiple inodes in unionfs, which are hidden ones (on branch)
and unionfs one.
At exec time, the returned file/inode from unionfs is hidden one. And
linux marks the hidden executable file is running in order to prohibit
to be written. But the checking at later exec time is done to the unionfs
inode, not hidden inode.
Finally unionfs does not return ETXTBSY and truncates the running
executable file illegally.
int main(int argc, char *argv[])
{
return creat(argv[1], 0755);
}
$ cd unionfs
$ cc a.c
$ ls -l a.out
-rwxr-xr-x 1 jro jro 11503 Dec 7 18:35 a.out*
$ ./a.out a.out
Bus error
$ ls -l a.out
-rwxr-xr-x 1 jro jro 0 Dec 7 18:36 a.out*
Junjiro Okajima
--- inode.c 2005-12-01 05:54:06.000000000 +0900
+++ inode.c 2005-12-07 18:41:25.000000000 +0900
@@ -917,6 +917,12 @@ static int unionfs_permission(struct ino
*/
if (!S_ISDIR(hidden_inode->i_mode) && (!is_file))
continue;
+ if (mask & MAY_WRITE) {
+ err = get_write_access(hidden_inode);
+ if (err)
+ goto out;
+ }
+
/* We use our own special version of permission, such that
* only the first branch returns -EROFS. */
err = inode_permission(hidden_inode, mask, nd, bindex);
_______________________________________________
unionfs mailing list
[email protected]
http://www.fsl.cs.sunysb.edu/mailman/listinfo/unionfs
