Use access mode instead of open flags to determine needed permissions (CVE-2008-0001)

[karo-tx-linux.git] / fs / namei.c

diff --git a/fs/namei.c b/fs/namei.c
index a83160acd7487328a0b86d318ac4e3427df7e329..314afe60889191b17bdefd8c5ac25cbee7345f0a 100644 (file)
--- a/fs/namei.c
+++ b/fs/namei.c
@@ -1576,7 +1576,7 @@ int may_open(struct nameidata *nd, int acc_mode, int flag)
        if (S_ISLNK(inode->i_mode))
                return -ELOOP;
        
-       if (S_ISDIR(inode->i_mode) && (flag & FMODE_WRITE))
+       if (S_ISDIR(inode->i_mode) && (acc_mode & MAY_WRITE))
                return -EISDIR;
 
        error = vfs_permission(nd, acc_mode);
@@ -1595,7 +1595,7 @@ int may_open(struct nameidata *nd, int acc_mode, int flag)
                        return -EACCES;
 
                flag &= ~O_TRUNC;
-       } else if (IS_RDONLY(inode) && (flag & FMODE_WRITE))
+       } else if (IS_RDONLY(inode) && (acc_mode & MAY_WRITE))
                return -EROFS;
        /*
         * An append-only file must be opened in append mode for writing.