[Bug 1081502] [NEW] posix acl permissions evaluated wrongly with null mask

Andras Bendzsak benjoe at sch.bme.hu
Wed Nov 21 09:12:45 UTC 2012


Public bug reported:

Hi!

According to my experience, the Linux kernel access control wrongly
evaluates POSIX ACLs when the mask is null (mask::---).

Let's see an example:
root@bar:~# getfacl /tmp/test
getfacl: Removing leading '/' from absolute path names
# file: tmp/test
# owner: root
# group: root
user::rw-
user:foo:---
group::r--                      #effective:---
mask::---
          ^^^^^
other::r--

As we can see, the foo user hasn't got any rights on the test file and the mask is zero.
Let's try to read the file as the foo user:
foo@bar:~$ cat /tmp/test
FOOBAR
foo@bar:~$

Success.

According to the documentation (man acl) user foo cannot access the file:
"     2.   else if the effective user ID of the process matches the qualifier of any entry of type ACL_USER, then
              if the matching ACL_USER entry and the ACL_MASK entry contain the requested permissions, access is granted,
              else access is denied."

If I change the mask entry to something else:
root@bar:~# getfacl /tmp/test
getfacl: Removing leading '/' from absolute path names
# file: tmp/test
# owner: root
# group: root
user::rw-
user:foo:---
group::r--                      #effective:---
mask::-w-
          ^^^^^^
other::r--

the foo user cannot read the file:
foo@bar:~$ cat /tmp/test
cat: /tmp/test: Permission denied

I tested with ext4 and tmpfs with the same result. I also tested on a
Solaris 9 machine where the permissions work as expected.

System info:
Description:    Ubuntu 12.04.1 LTS
Release:        12.04

acl:
  Installed: 2.2.51-5ubuntu1
  Candidate: 2.2.51-5ubuntu1
  Version table:
 *** 2.2.51-5ubuntu1 0
        500 http://hu.archive.ubuntu.com/ubuntu/ precise/main i386 Packages
        100 /var/lib/dpkg/status

Linux bar 3.2.0-29-generic-pae #46-Ubuntu SMP Fri Jul 27 17:25:43 UTC
2012 i686 i686 i386 GNU/Linux

Thank you for your time and I hope you can find the source of this
issue.

** Affects: acl (Ubuntu)
     Importance: Undecided
         Status: New

** Summary changed:

- posix acl is evaluated wrong  null mask
+ posix acl permissions evaluated wrongly with null mask

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to acl in Ubuntu.
https://bugs.launchpad.net/bugs/1081502
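
Added example (not part of the original report, and not code from the acl package or the kernel): the access check algorithm documented in acl(5), of which the report quotes step 2, applied to the two ACLs shown above. The function names are hypothetical, the ACL text is transcribed from the report, and foo's only group is assumed to be "foo". Under the documented algorithm foo is denied read with either mask, which is the behaviour the report expected.

```python
import re

PERM_BITS = {"r": 4, "w": 2, "x": 1}

# Sample input transcribed from the getfacl output in the report.
ACL_NULL_MASK = """\
# file: tmp/test
# owner: root
# group: root
user::rw-
user:foo:---
group::r--                      #effective:---
mask::---
other::r--
"""
ACL_W_MASK = ACL_NULL_MASK.replace("mask::---", "mask::-w-")

def parse_getfacl(text):
    """Parse getfacl output into owner, group and (tag, qualifier, perms) entries."""
    acl = {"owner": None, "group": None, "entries": []}
    for line in text.splitlines():
        m = re.match(r"# (owner|group): (\S+)", line.strip())
        if m:
            acl[m.group(1)] = m.group(2)
            continue
        line = line.split("#", 1)[0].strip()  # drop "#effective:" comments
        m = re.match(r"(user|group|mask|other):([^:]*):([r-][w-][x-])$", line)
        if m:
            perms = sum(PERM_BITS[c] for c in m.group(3) if c != "-")
            acl["entries"].append((m.group(1), m.group(2), perms))
    return acl

def access_allowed(acl, user, groups, want):
    """Return True if the permissions in `want` (e.g. "r") are granted per acl(5)."""
    need = sum(PERM_BITS[c] for c in want)
    find = lambda tag, qual: [p for t, q, p in acl["entries"] if (t, q) == (tag, qual)]
    mask = (find("mask", "") or [7])[0]  # no ACL_MASK entry: nothing is masked
    if user == acl["owner"]:  # step 1: ACL_USER_OBJ, never limited by the mask
        return (find("user", "")[0] & need) == need
    named = find("user", user)
    if named:  # step 2: the ACL_USER entry and ACL_MASK must both contain the bits
        return (named[0] & mask & need) == need
    matching = find("group", "") if acl["group"] in groups else []
    matching += [p for g in groups if g for p in find("group", g)]
    if matching:  # step 3: any matching group entry, limited by ACL_MASK
        return any((p & mask & need) == need for p in matching)
    return (find("other", "")[0] & need) == need  # steps 4 and 5: ACL_OTHER
```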
