Correctly use setgid/setuid with allow_other
- use these functions in the correct order;
- correctly check their return codes.
This helps to correct #398.
Ben RUBSON authored Oct 1, 2017
1 parent f5d37d2 commit e0f10e2
Showing 3 changed files with 23 additions and 15 deletions.
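--- a/encfs/DirNode.cpp
+++ b/encfs/DirNode.cpp
@@ -501,11 +501,21 @@ int DirNode::mkdir(const char *plaintextPath, mode_t mode, uid_t uid,
 // if uid or gid are set, then that should be the directory owner
 int olduid = -1;
 int oldgid = -1;
-if (uid != 0) {
-olduid = setfsuid(uid);
-}
 if (gid != 0) {
 oldgid = setfsgid(gid);
+if (oldgid == -1) {
+int eno = errno;
+RLOG(DEBUG) << "setfsgid error: " << strerror(eno);
+return -EPERM;
+}
 }
+if (uid != 0) {
+olduid = setfsuid(uid);
+if (olduid == -1) {
+int eno = errno;
+RLOG(DEBUG) << "setfsuid error: " << strerror(eno);
+return -EPERM;
+}
+}
 
 int res = ::mkdir(cyName.c_str(), mode);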
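Review bot: When `setfsgid(gid)` succeeds and the following `setfsuid(uid)` fails, the new `return -EPERM;` in the setfsuid branch leaves the group identity switched to the caller's gid, so later requests served by the same thread or process would run with the wrong group. Restore it before returning, e.g. add `if (gid != 0) setfsgid(oldgid);` ahead of that `return -EPERM;`. The same early return sits in the setfsuid branch of FileNode::mknod in encfs/FileNode.cpp. DirNode::mkdir continues past the hunk, so any restore that follows `::mkdir` is not visible here, and these early returns would skip it in any case.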
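--- a/encfs/FileNode.cpp
+++ b/encfs/FileNode.cpp
@@ -154,14 +154,6 @@ int FileNode::mknod(mode_t mode, dev_t rdev, uid_t uid, gid_t gid) {
 int res;
 int olduid = -1;
 int oldgid = -1;
-if (uid != 0) {
-olduid = setfsuid(uid);
-if (olduid == -1) {
-int eno = errno;
-RLOG(DEBUG) << "setfsuid error: " << strerror(eno);
-return -EPERM;
-}
-}
 if (gid != 0) {
 oldgid = setfsgid(gid);
 if (oldgid == -1) {
@@ -170,6 +162,14 @@ int FileNode::mknod(mode_t mode, dev_t rdev, uid_t uid, gid_t gid) {
 return -EPERM;
 }
 }
+if (uid != 0) {
+olduid = setfsuid(uid);
+if (olduid == -1) {
+int eno = errno;
+RLOG(DEBUG) << "setfsuid error: " << strerror(eno);
+return -EPERM;
+}
+}
 
 /*
 * cf. xmp_mknod() in fusexmp.c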
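Review bot: The `olduid == -1` and `oldgid == -1` checks here, like the ones added to DirNode::mkdir, can only fire when the encfs.h shims are the functions actually called. If Linux builds use the libc `setfsuid`/`setfsgid` instead (the guards around the shims are not visible on this page), those return the previous ID on failure as well as on success, so a failed switch goes unnoticed and the node is created with the daemon's own IDs. On that path the switch can be confirmed with a follow-up query, e.g. `if ((uid_t)setfsuid(-1) != uid) return -EPERM;` and the equivalent for the gid. FileNode::mknod starts before and continues past these hunks.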
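--- a/encfs/encfs.h
+++ b/encfs/encfs.h
@@ -41,8 +41,7 @@ static __inline int setfsuid(uid_t uid) {
 uid_t olduid = geteuid();
 
 if (seteuid(uid) != 0) {
-int eno = errno;
-VLOG(1) << "seteuid error: " << strerror(eno);
+return -1;
 }
 
 return olduid;
@@ -52,8 +51,7 @@ static __inline int setfsgid(gid_t gid) {
 gid_t oldgid = getegid();
 
 if (setegid(gid) != 0) {
-int eno = errno;
-VLOG(1) << "setfsgid error: " << strerror(eno);
+return -1;
 }
 
 return oldgid;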
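Review bot: These shims now have an error contract that nothing documents: each returns the previous effective ID, or -1 with errno left as seteuid()/setegid() set it, which the callers' `strerror(errno)` logging depends on. Add a comment above each one, e.g. `// Returns the previous effective uid, or -1 with errno set if seteuid() fails.` and the gid equivalent. The comment should also state that the return type is `int` while the IDs are `uid_t`/`gid_t`, so an ID above INT_MAX comes back negative; callers should therefore compare against -1 exactly rather than test the sign. Both function bodies begin and end outside their hunks.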
