Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
The current setgid stripping logic during write and ownership change operations is inconsistent and strewn over multiple places. In order to consolidate it and make more consistent we'll add a new helper should_remove_sgid(). The function retains the old behavior where we remove the S_ISGID bit unconditionally when S_IXGRP is set but also when it isn't set and the caller is neither in the group of the inode nor privileged over the inode. We will use this helper both in write operation permission removal such as file_remove_privs() as well as in ownership change operations. Signed-off-by: Christian Brauner (Microsoft) <brauner@kernel.org>
- Loading branch information