client: clear suid/sgid bits on non-zero write

According to [1], these bits should be cleared regardless of any exe bits on the file. Also, add the required non-zero write check. [1] http://pubs.opengroup.org/onlinepubs/9699919799/functions/pwrite.html Signed-off-by: Patrick Donnelly <pdonnell@redhat.com> (cherry picked from commit 24c9de5)
ceph · Sep 5, 2017 · b9514d4 · b9514d4
1 parent e41a8c2
commit b9514d4
Showing 1 changed file with 1 addition and 2 deletions.
diff --git a/src/client/Client.cc b/src/client/Client.cc
@@ -9018,8 +9018,7 @@ int Client::_write(Fh *f, int64_t offset, uint64_t size, const char *buf,
     return r;
 
   /* clear the setuid/setgid bits, if any */
-  if (unlikely((in->mode & S_ISUID) ||
-	       (in->mode & (S_ISGID | S_IXGRP)) == (S_ISGID | S_IXGRP))) {
+  if (unlikely(in->mode & (S_ISUID|S_ISGID)) && size > 0) {
     struct ceph_statx stx = { 0 };
 
     put_cap_ref(in, CEPH_CAP_AUTH_SHARED);