Session::check_access() is buggy
It calls CInode::make_path_string(path, false, in->get_projected_parent_dn()). The second argument 'false' makes the third argument useless. For newly created inode, the returned path is something like #1xxxxxxxxx. This can cause the access check fails.
- Status changed from New to Fix Under Review
- Status changed from Fix Under Review to Resolved
- Status changed from Resolved to Pending Backport
Seems like this could be serious enough to backport (Zheng: this could happen in normal use, right?)
Whoops, yes. Luckily only for users of hard links, but that's good enough reason!
Yes, it could happen for normal case (newly created file). We should backport it
- Category set to Security Model
- Status changed from Pending Backport to Resolved
Also available in: Atom