Christian Brauner <brauner@xxxxxxxxxx> wrote: > > However, the bash work around is going to be removed: > > Why is it removed? That's a very strange comment: Because it makes bash output redirection work differently to other programs, I would guess. It's actually a simple security check to work around (just retry the open() with O_CREAT dropped) - however, it does expose an... error, I suppose, in the Linux kernel: namely that the VFS itself is treating foreign files as if they had local system ownership. We have the ->permission() inode op for this reason (I presume) - but that only applies to certain checks. The VFS must not assume that it can interpret i_uid and i_gid on an inode and must not assume that it can compare them to current->fsuid and current->fs_gid. Now, in my patch, I added two inode ops because they VFS code involved makes two distinct evaluations and so I made an op for each and, as such, those evaluations may be applicable elsewhere, but I could make a combined op that handles that specific situation instead. David
