> Hi!
>
> > + if (S_ISDIR(inode->i_mode) && capable(CAP_DAC_READ_SEARCH))
> > + return 0;
>
> Is this right? This means that root can do cat /, no? That does not
> seem like expected behaviour.
1) it's permission(..., MAY_EXEC)
2) in any case, root _can_ open "/" with O_RDONLY. Always could. That's
what you do for ls /, after all - open(2) followed by getdents(2). Now,
read(2) will fail (check what ->read() for directories is set to), but
that has nothing to permission checks.
-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/