Description
Description
Neither of the two functions (normpath() and metawalkandparent()) used to retrieve an absolute path and an inode corresponding to that path check whether components of the path grant search permissions (a read flag). These two are the only helper functions called in many syscalls related to filesystem, like mkdir_syscall(), rmdir_syscall(), etc. Thus, if any of these syscalls are called on a directory that has some component in its path that doesn't grant search permissions, we will still be able to traverse the file tree, which is an unexpected behavior.
Why this behavior?
Search permissions (a read flag) are not checked while walking the file tree.
How is this tested?
The bug can be inspected by running ut_lind_fs_search_permission_bug_with_rmdir(). This unit test creates a new parent directory and its child directory with mkdir_syscall() both with write permissions but without search permissions (the read flag) for the parent directory and then attempts to remove the new child directory with rmdir_syscall(). The expected behavior is that neither mkdir_syscall() nor rmdir_syscall() should run successfully because the parent directory doesn't grant search permissions. Nevertheless, the test runs successfully without any errors.