Linus Torvalds writes: (Summary) wrote:
It should always be there in the 'struct file *'.
It should always be there in the 'struct file *'.
Now, we may have some broken stuff that passes only inodes down, but they probably really should be fixed.
they probably really should be fixed.
So ioctl() may be ok, simply because at least you shouldn't be able to fool suid programs to do ioctl's on untrusted file descriptors. So using current_cred() is still technically very wrong, but it's probably not a huge problem in practice.
probably not a huge problem in practice.
Now, if there's some cachefs kind of "do ioctl at the behest of somebody else", then *that* would be a problem.
[...]
down.It should always be there in the 'struct file *'.
It should always be there in the 'struct file *'.
Now, we may have some broken stuff that passes only inodes down, but they probably really should be fixed.
they probably really should be fixed.
[...]
not f_cred.So ioctl() may be ok, simply because at least you shouldn't be able to fool suid programs to do ioctl's on untrusted file descriptors. So using current_cred() is still technically very wrong, but it's probably not a huge problem in practice.
probably not a huge problem in practice.
Now, if there's some cachefs kind of "do ioctl at the behest of somebody else", then *that* would be a problem.