fusefronted: comment why Access() does not check context.Uid

https://github.com/rfjakob/gocryptfs/issues/347
author: Jakob Unterwurzacher 2019-01-20 13:34:46 +0100
committer: Jakob Unterwurzacher 2019-01-20 14:37:36 +0100
commit: b08cbce5c1244f901e58812402d82a1816ecf436 (patch)
tree: fc89d0ba50f9f5dda7cf6abc78a30f5b4bb5166c /internal/fusefrontend
parent: ec4c9f2adb7bf1edde43a981dc690d3fee6175e8 (diff)
1 files changed, 10 insertions, 0 deletions
diff --git a/internal/fusefrontend/fs.go b/internal/fusefrontend/fs.go
index 096e663..ff628e5 100644
--- a/internal/fusefrontend/fs.go
+++ b/internal/fusefrontend/fs.go
@@ -617,6 +617,16 @@ func (fs *FS) Link(oldPath string, newPath string, context *fuse.Context) (code
 // Access - FUSE call. Check if a file can be accessed in the specified mode(s)
 // (read, write, execute).
 //
+// From https://github.com/libfuse/libfuse/blob/master/include/fuse.h :
+//
+// > Check file access permissions
+// >
+// > If the 'default_permissions' mount option is given, this method is not
+// > called.
+//
+// We always enable default_permissions when -allow_other is passed, so there
+// is no need for this function to check the uid in fuse.Context.
+//
 // Symlink-safe through use of faccessat.
 func (fs *FS) Access(relPath string, mode uint32, context *fuse.Context) (code fuse.Status) {
 	if fs.isFiltered(relPath) {
author	Jakob Unterwurzacher	2019-01-20 13:34:46 +0100
committer	Jakob Unterwurzacher	2019-01-20 14:37:36 +0100
commit	b08cbce5c1244f901e58812402d82a1816ecf436 (patch)
tree	fc89d0ba50f9f5dda7cf6abc78a30f5b4bb5166c /internal/fusefrontend
parent	ec4c9f2adb7bf1edde43a981dc690d3fee6175e8 (diff)