[LU-13064] Check permissions when accessing changelogs - Whamcloud Community JIRA

Details

Type: Bug
Resolution: Fixed
Priority: Major
Fix Version/s: Lustre 2.14.0
Affects Version/s: None
Labels:
- LTS12
- patch
- sec

Severity:
3
Rank (Obsolete):
9223372036854775807

Description

root permissions should be checked when reading or clearing changelogs from clients. In particular, if root is squashed via a nodemap entry, it should not be allowed to access changelogs.

I will push a patch to implement this check.

Attachments

Activity

[LU-13064] Check permissions when accessing changelogs

Peter Jones added a comment - 07/May/20 1:36 PM

Landed for 2.14

Peter Jones added a comment - 07/May/20 1:36 PM Landed for 2.14

Gerrit Updater added a comment - 07/May/20 5:42 AM

Oleg Drokin (green@whamcloud.com) merged in patch https://review.whamcloud.com/36990/
Subject: ~~LU-13064~~ sec: check permissions for changelogs access
Project: fs/lustre-release
Branch: master
Current Patch Set:
Commit: 4e8fcee92d75102314f6c39c72b9c2cbce109bd4

Gerrit Updater added a comment - 07/May/20 5:42 AM Oleg Drokin (green@whamcloud.com) merged in patch https://review.whamcloud.com/36990/ Subject: LU-13064 sec: check permissions for changelogs access Project: fs/lustre-release Branch: master Current Patch Set: Commit: 4e8fcee92d75102314f6c39c72b9c2cbce109bd4

Gerrit Updater added a comment - 11/Dec/19 5:49 PM

Sebastien Buisson (sbuisson@ddn.com) uploaded a new patch: https://review.whamcloud.com/36990
Subject: ~~LU-13064~~ sec: check permissions for changelogs access
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: e43bcae1c1493bff1ffb21bd3c3c042288581512

Gerrit Updater added a comment - 11/Dec/19 5:49 PM Sebastien Buisson (sbuisson@ddn.com) uploaded a new patch: https://review.whamcloud.com/36990 Subject: LU-13064 sec: check permissions for changelogs access Project: fs/lustre-release Branch: master Current Patch Set: 1 Commit: e43bcae1c1493bff1ffb21bd3c3c042288581512

Gerrit Updater added a comment - 11/Dec/19 5:49 PM

Sebastien Buisson (sbuisson@ddn.com) uploaded a new patch: https://review.whamcloud.com/36989
Subject: ~~LU-13064~~ sec: reserve flag for changelogs permissions
Project: fs/lustre-release
Branch: master
Current Patch Set: 1
Commit: 9a559136555b7f016cf585d07bd447ccf751265d

Gerrit Updater added a comment - 11/Dec/19 5:49 PM Sebastien Buisson (sbuisson@ddn.com) uploaded a new patch: https://review.whamcloud.com/36989 Subject: LU-13064 sec: reserve flag for changelogs permissions Project: fs/lustre-release Branch: master Current Patch Set: 1 Commit: 9a559136555b7f016cf585d07bd447ccf751265d

People

Assignee:: Sebastien Buisson

Reporter:: Sebastien Buisson

Votes:: 0 Vote for this issue

Watchers:: 3 Start watching this issue

Dates

Created:: 11/Dec/19 5:40 PM

Updated:: 22/Mar/23 4:05 AM

Resolved:: 07/May/20 1:36 PM