From b08cbce5c1244f901e58812402d82a1816ecf436 Mon Sep 17 00:00:00 2001 From: Jakob Unterwurzacher Date: Sun, 20 Jan 2019 13:34:46 +0100 Subject: fusefronted: comment why Access() does not check context.Uid https://github.com/rfjakob/gocryptfs/issues/347 --- internal/fusefrontend/fs.go | 10 ++++++++++ 1 file changed, 10 insertions(+) diff --git a/internal/fusefrontend/fs.go b/internal/fusefrontend/fs.go index 096e663..ff628e5 100644 --- a/internal/fusefrontend/fs.go +++ b/internal/fusefrontend/fs.go @@ -617,6 +617,16 @@ func (fs *FS) Link(oldPath string, newPath string, context *fuse.Context) (code // Access - FUSE call. Check if a file can be accessed in the specified mode(s) // (read, write, execute). // +// From https://github.com/libfuse/libfuse/blob/master/include/fuse.h : +// +// > Check file access permissions +// > +// > If the 'default_permissions' mount option is given, this method is not +// > called. +// +// We always enable default_permissions when -allow_other is passed, so there +// is no need for this function to check the uid in fuse.Context. +// // Symlink-safe through use of faccessat. func (fs *FS) Access(relPath string, mode uint32, context *fuse.Context) (code fuse.Status) { if fs.isFiltered(relPath) { -- cgit v1.2.3