Project

General

Profile

Actions
Copy link

Feature #12445

open

improved path enforcement for hard links

Added by Sage Weil over 8 years ago. Updated almost 8 years ago.

Status:
New
Priority:
Normal
Assignee:
-
Category:
Security Model
Target version:
-
% Done:

0%

Source:
Development
Tags:
Backport:
Reviewed:
Affected Versions:
Component(FS):
Client, Common/Protocol, MDS
Labels (FS):
Pull request ID:

Description

The initial path restriction will not work properly for remote links inside the security domain that link to a primary outside the restricted path.

We could improve this by inferring from the client which path was used to lookup the file. This could be done by associating the CDentry* with the Capability* for files. (For directories, the path is unambiguous.)

Actions
Copy link
 #1

Updated by Sage Weil over 8 years ago

  • Description updated (diff)
  • Priority changed from Normal to Low
  • Source changed from other to Development
Actions
Copy link
 #2

Updated by Greg Farnum almost 8 years ago

  • Category set to Correctness/Safety
  • Priority changed from Low to Normal
Actions
Copy link
 #3

Updated by Greg Farnum almost 8 years ago

  • Category changed from Correctness/Safety to Security Model
  • Component(FS) Client, Common/Protocol, MDS added
Actions
Copy link

Also available in: Atom PDF