diff options
| author | Niu Yawei <yawei.niu@intel.com> | 2015-09-14 18:41:23 -0400 |
|---|---|---|
| committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2015-09-15 06:26:53 -0700 |
| commit | bbaa9c10328aa14615733c407b0c2f6d9c3df330 (patch) | |
| tree | 87ae3cc11cb1ba27499114cf71462da321540608 /drivers/staging/lustre/lustre/llite | |
| parent | ced41eba4111e954af6a67ff45e30072a89d6cc5 (diff) | |
staging/lustre/llite: deny non-root user for changelog operations
To avoid potential security problems, non-privileged users should
have no permission to run 'lfs changelog' & 'lfs changelog_clear'.
Signed-off-by: Niu Yawei <yawei.niu@intel.com>
Reviewed-on: http://review.whamcloud.com/14280
Intel-bug-id: https://jira.hpdd.intel.com/browse/LU-6415
Reviewed-by: Lai Siyao <lai.siyao@intel.com>
Reviewed-by: Jinshan Xiong <jinshan.xiong@intel.com>
Signed-off-by: Oleg Drokin <oleg.drokin@intel.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'drivers/staging/lustre/lustre/llite')
| -rw-r--r-- | drivers/staging/lustre/lustre/llite/dir.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/drivers/staging/lustre/lustre/llite/dir.c b/drivers/staging/lustre/lustre/llite/dir.c index d407fcc9904d..cc6f0f596ffe 100644 --- a/drivers/staging/lustre/lustre/llite/dir.c +++ b/drivers/staging/lustre/lustre/llite/dir.c @@ -1734,6 +1734,9 @@ out_quotactl: } case OBD_IOC_CHANGELOG_SEND: case OBD_IOC_CHANGELOG_CLEAR: + if (!capable(CFS_CAP_SYS_ADMIN)) + return -EPERM; + rc = copy_and_ioctl(cmd, sbi->ll_md_exp, (void *)arg, sizeof(struct ioc_changelog)); return rc; |