restrict who can setxattr the pseudo file. closes #64

src/getattr.cpp

@@ -48,10 +48,10 @@ _getattr_controlfile(struct stat &buf)
 
   buf.st_dev     = 0;
   buf.st_ino     = 0;
-  buf.st_mode    = (S_IFREG|S_IRUSR|S_IWUSR|S_IRGRP|S_IROTH);
+  buf.st_mode    = (S_IFREG|S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH);
   buf.st_nlink   = 1;
-  buf.st_uid     = ::geteuid();
+  buf.st_uid     = ::getuid();
-  buf.st_gid     = ::getegid();
+  buf.st_gid     = ::getgid();
   buf.st_rdev    = 0;
   buf.st_size    = 0;
   buf.st_blksize = 1024;

src/setxattr.cpp

@@ -282,18 +282,23 @@ namespace mergerfs
              size_t      attrvalsize,
              int         flags)
     {
-      const config::Config &config = config::get();
+      const config::Config      &config = config::get();
+      const struct fuse_context *fc     = fuse_get_context();
 
       if(fusepath == config.controlfile)
-        return _setxattr_controlfile(config::get_writable(),
+        {
-                                     attrname,
+          if((fc->uid != ::getuid()) && (fc->gid != ::getgid()))
-                                     string(attrval,attrvalsize),
+            return -EPERM;
-                                     flags);
+
+          return _setxattr_controlfile(config::get_writable(),
+                                       attrname,
+                                       string(attrval,attrvalsize),
+                                       flags);
+        }
 
       {
-        const struct fuse_context *fc = fuse_get_context();
+        const ugid::SetResetGuard ugid(fc->uid,fc->gid);
-        const ugid::SetResetGuard  ugid(fc->uid,fc->gid);
+        const rwlock::ReadGuard   readlock(&config.srcmountslock);
-        const rwlock::ReadGuard    readlock(&config.srcmountslock);
 
         return _setxattr(*config.setxattr,
                          config.srcmounts,