-
Notifications
You must be signed in to change notification settings - Fork 247
New issue
Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.
By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.
Already on GitHub? Sign in to your account
Multiple fixes for PlaintextNames mode #178
Merged
Merged
Conversation
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
* Acquire the lock before reading the current directory * Fix a file descriptor leak
In PlaintextNames mode the "gocryptfs.longname." prefix does not have any special meaning. We should not attempt to read the directory IV or to create special .name files. Partially fixes rfjakob#174
This is already done in regular mode, but was missing when PlaintextNames mode is enabled. As a result, symlinks created by non-root users were still owned by root afterwards. Fixes rfjakob#176
Fixes the same problem as described in 72b9758, except for symlinks instead of device nodes.
…fy Mknod and Symlink
In PlaintextNames mode the "gocryptfs.longname." prefix does not have any special meaning. We should not attempt to delete any .name files. Partially fixes rfjakob#174
slackner
force-pushed
the
syscallcompat
branch
from
November 28, 2017 00:42
d70df11
to
b708733
Compare
Looks good to me, thanks! |
PS: About the MacOS syscall wrappers: the plan is to make them testable under Linux. Testing on MacOS is too much hassle. |
Thanks for reviewing! Offering a way to test the MacOS code path on Linux definitely sounds like a good idea. Those syscall wrappers are already pretty complicated, would be nice to integrate them into the automated testing framework. |
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
This set fixes:
Some bugs in the recently introduced
Fchownat
syscall wrapper. Unfortunately I do not have any macOS machine available, so please verify that everything still works after these changes.Partially issue Race-conditions related to PreserveOwner allow to set owner/group of arbitrary files when using plaintextnames #177 (the symlink part)
Issue Symlink owner is not set in forward mode with plaintextnames enabled #176
Partially issue Missing check for plaintextnames in many FUSE callbacks #174 (the mknod and unlink part)
In addition the set introduces a
openBackingPath
helper to do path conversion and open a handle to the directory. This could be especially useful later for fixing issue #165.Please let me know what you think. Also feel free to cherry-pick certain patches if you want to solve certain issues in a different way.