Denied modifications to metadata files

src/lowntfs-3g.c

@@ -1274,6 +1274,9 @@ static void ntfs_fuse_open(fuse_req_t req, fuse_ino_t ino,
 				    && (ni->flags & FILE_ATTR_ENCRYPTED))
 					state |= CLOSE_ENCRYPTED;
 #endif /* HAVE_SETXATTR */
+			/* deny opening metadata files for writing */
+				if (ino < FILE_first_user)
+					res = -EPERM;
 			}
 			ntfs_attr_close(na);
 		} else
@@ -1551,6 +1554,11 @@ static int ntfs_fuse_trunc(struct SECURITY_CONTEXT *scx, fuse_ino_t ino,
 	if (!ni)
 		goto exit;
 
+	/* deny truncating metadata files */
+	if (ino < FILE_first_user) {
+		errno = EPERM;
+		goto exit;
+	}
 	na = ntfs_attr_open(ni, AT_DATA, AT_UNNAMED, 0);
 	if (!na)
 		goto exit;
@@ -2158,6 +2166,11 @@ static int ntfs_fuse_rm(fuse_req_t req, fuse_ino_t parent, const char *name)
 		res = -errno;
 		goto exit;
 	}
+	/* deny unlinking metadata files */
+	if (MREF(iref) < FILE_first_user) {
+		res = -EPERM;
+		goto exit;
+	}
 
 	of = ctx->open_files;
 	ino = (fuse_ino_t)MREF(iref);

src/ntfs-3g.c

@@ -1220,6 +1220,9 @@ static int ntfs_fuse_open(const char *org_path,
 				    && (ni->flags & FILE_ATTR_ENCRYPTED))
 					fi->fh |= CLOSE_ENCRYPTED;
 #endif /* HAVE_SETXATTR */
+			/* deny opening metadata files for writing */
+				if (ni->mft_no < FILE_first_user)
+					res = -EPERM;
 			}
 			ntfs_attr_close(na);
 		} else
@@ -1431,6 +1434,11 @@ static int ntfs_fuse_trunc(const char *org_path, off_t size,
 	ni = ntfs_pathname_to_inode(ctx->vol, NULL, path);
 	if (!ni)
 		goto exit;
+	/* deny truncating metadata files */
+	if (ni->mft_no < FILE_first_user) {
+		errno = EPERM;
+		goto exit;
+	}
 
 	na = ntfs_attr_open(ni, AT_DATA, stream_name, stream_name_len);
 	if (!na)
@@ -1983,6 +1991,13 @@ static int ntfs_fuse_rm(const char *org_path)
 		res = -errno;
 		goto exit;
 	}
+	/* deny unlinking metadata files */
+	if (ni->mft_no < FILE_first_user) {
+		errno = EPERM;
+		res = -errno;
+		goto exit;
+	}
+
 	/* Generate unicode filename. */
 	name = strrchr(path, '/');
 	name++;