Default ACL masks not working properly in eCryptfs
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
eCryptfs |
Fix Released
|
Medium
|
Tyler Hicks | ||
ecryptfs-utils (Ubuntu) |
Invalid
|
Undecided
|
Unassigned | ||
Lucid |
Invalid
|
Undecided
|
Unassigned | ||
Natty |
Invalid
|
Undecided
|
Unassigned | ||
Oneiric |
Invalid
|
Undecided
|
Unassigned | ||
Precise |
Invalid
|
Undecided
|
Unassigned | ||
Quantal |
Invalid
|
Undecided
|
Unassigned | ||
linux (Ubuntu) |
Fix Released
|
Undecided
|
Tim Gardner | ||
Lucid |
Fix Released
|
Undecided
|
Tim Gardner | ||
Natty |
Fix Released
|
Undecided
|
Colin Ian King | ||
Oneiric |
Fix Released
|
Undecided
|
Colin Ian King | ||
Precise |
Fix Released
|
Undecided
|
Colin Ian King | ||
Quantal |
Fix Released
|
Undecided
|
Tim Gardner |
Bug Description
Originally discovered when installing latest git from original sources,
see discussion here http://
This bug is exposed when the eCryptfs mount options do not include '-o acl', but the lower filesystem's mount options do include 'acl'. This results in the MS_POSIXACL flag *not* being set in the eCryptfs super_block.
A simple test case was added to the ecryptfs-utils tree in tests/kernel/
http://
Test case from Jeff King (the setfacl command was incorrect in the original email from Jeff):
setfacl -dm m:rwx .
perl -MFcntl -e 'sysopen(X, "a", O_WRONLY|O_CREAT, 0444)'
umask 077
perl -MFcntl -e 'sysopen(X, "b", O_WRONLY|O_CREAT, 0444)'
getfacl a b
On ext4, both files will have the read bit set in the mask. On ecryptfs,
"b" will have an empty mask.
ProblemType: Bug
DistroRelease: Ubuntu 12.04
Package: ecryptfs-utils 96-0ubuntu3
ProcVersionSign
Uname: Linux 3.2.0-25-generic x86_64
NonfreeKernelMo
ApportVersion: 2.0.1-0ubuntu9
Architecture: amd64
Date: Tue Jun 5 22:37:36 2012
EcryptfsInUse: Yes
InstallationMedia: Ubuntu 11.10 "Oneiric Ocelot" - Release amd64 (20111012)
SourcePackage: ecryptfs-utils
UpgradeStatus: Upgraded to precise on 2012-02-18 (108 days ago)
Related branches
Changed in ecryptfs: | |
status: | New → In Progress |
description: | updated |
description: | updated |
Changed in ecryptfs: | |
importance: | Undecided → Medium |
Changed in ecryptfs: | |
status: | Fix Committed → Fix Released |
Changed in ecryptfs-utils (Ubuntu Natty): | |
status: | New → Invalid |
Changed in ecryptfs-utils (Ubuntu Oneiric): | |
status: | New → Invalid |
Changed in ecryptfs-utils (Ubuntu Precise): | |
status: | New → Invalid |
Changed in linux (Ubuntu Natty): | |
assignee: | nobody → smokeyking (cking) |
status: | New → Fix Committed |
assignee: | smokeyking (cking) → Colin King (colin-king) |
Changed in linux (Ubuntu Oneiric): | |
assignee: | nobody → Colin King (colin-king) |
status: | New → Fix Committed |
Changed in linux (Ubuntu Precise): | |
assignee: | nobody → Colin King (colin-king) |
status: | New → Fix Committed |
Changed in linux (Ubuntu Quantal): | |
assignee: | nobody → Tim Gardner (timg-tpi) |
status: | Confirmed → Fix Committed |
Changed in linux (Ubuntu Lucid): | |
assignee: | nobody → Tim Gardner (timg-tpi) |
status: | New → In Progress |
Changed in ecryptfs-utils (Ubuntu Lucid): | |
status: | New → Invalid |
Changed in linux (Ubuntu Lucid): | |
status: | In Progress → Fix Committed |
Changed in linux (Ubuntu Quantal): | |
status: | Fix Committed → Fix Released |
tags: | added: verification-needed-oneiric |
tags: | added: verification-needed-lucid |
tags: | added: verification-needed-natty |
Hi Stefan - Thanks for using eCryptfs!
I'm going to make this report public because the issue was already discussed on public mailing lists. Additionally, the security impacts are minimal because the file's mode can only be more restrictive than intended due to this bug and access checks are still performed on the lower inode.