o Make procfs use vaccess() for procfs_access() DAC and super-user checks,
rather than implementing its own {uid,gid,other} checks against vnode
mode. Similar change to linprocfs currently under review.
Obtained from: TrustedBSD Project
This commit is contained in:
Robert Watson
parent
56338d5acb
commit
ca94dd37a3
Notes:
svn2git
2020-12-20 02:59:44 +00:00
svn path=/head/; revision=65331
@ -599,10 +599,6 @@ procfs_setattr(ap)
|
||||
/*
|
||||
* implement access checking.
|
||||
*
|
||||
* something very similar to this code is duplicated
|
||||
* throughout the 4bsd kernel and should be moved
|
||||
* into kern/vfs_subr.c sometime.
|
||||
*
|
||||
* actually, the check for super-user is slightly
|
||||
* broken since it will allow read access to write-only
|
||||
* objects. this doesn't cause any particular trouble
|
||||
@ -619,6 +615,7 @@ procfs_access(ap)
|
||||
} */ *ap;
|
||||
{
|
||||
struct pfsnode *pfs = VTOPFS(ap->a_vp);
|
||||
struct vnode *vp = ap->a_vp;
|
||||
struct proc *procp;
|
||||
struct vattr *vap;
|
||||
struct vattr vattr;
|
||||
@ -637,33 +634,12 @@ procfs_access(ap)
|
||||
}
|
||||
|
||||
vap = &vattr;
|
||||
error = VOP_GETATTR(ap->a_vp, vap, ap->a_cred, ap->a_p);
|
||||
error = VOP_GETATTR(vp, vap, ap->a_cred, ap->a_p);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
/*
|
||||
* Access check is based on only one of owner, group, public.
|
||||
* If not owner, then check group. If not a member of the
|
||||
* group, then check public access.
|
||||
*/
|
||||
if (ap->a_cred->cr_uid != vap->va_uid) {
|
||||
gid_t *gp;
|
||||
int i;
|
||||
|
||||
ap->a_mode >>= 3;
|
||||
gp = ap->a_cred->cr_groups;
|
||||
for (i = 0; i < ap->a_cred->cr_ngroups; i++, gp++)
|
||||
if (vap->va_gid == *gp)
|
||||
goto found;
|
||||
ap->a_mode >>= 3;
|
||||
found:
|
||||
;
|
||||
}
|
||||
|
||||
if ((vap->va_mode & ap->a_mode) == ap->a_mode)
|
||||
return (0);
|
||||
|
||||
return (EACCES);
|
||||
return (vaccess(vp->v_type, vap->va_mode, vap->va_uid, vap->va_gid,
|
||||
ap->a_mode, ap->a_cred, NULL));
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
@ -599,10 +599,6 @@ procfs_setattr(ap)
|
||||
/*
|
||||
* implement access checking.
|
||||
*
|
||||
* something very similar to this code is duplicated
|
||||
* throughout the 4bsd kernel and should be moved
|
||||
* into kern/vfs_subr.c sometime.
|
||||
*
|
||||
* actually, the check for super-user is slightly
|
||||
* broken since it will allow read access to write-only
|
||||
* objects. this doesn't cause any particular trouble
|
||||
@ -619,6 +615,7 @@ procfs_access(ap)
|
||||
} */ *ap;
|
||||
{
|
||||
struct pfsnode *pfs = VTOPFS(ap->a_vp);
|
||||
struct vnode *vp = ap->a_vp;
|
||||
struct proc *procp;
|
||||
struct vattr *vap;
|
||||
struct vattr vattr;
|
||||
@ -637,33 +634,12 @@ procfs_access(ap)
|
||||
}
|
||||
|
||||
vap = &vattr;
|
||||
error = VOP_GETATTR(ap->a_vp, vap, ap->a_cred, ap->a_p);
|
||||
error = VOP_GETATTR(vp, vap, ap->a_cred, ap->a_p);
|
||||
if (error)
|
||||
return (error);
|
||||
|
||||
/*
|
||||
* Access check is based on only one of owner, group, public.
|
||||
* If not owner, then check group. If not a member of the
|
||||
* group, then check public access.
|
||||
*/
|
||||
if (ap->a_cred->cr_uid != vap->va_uid) {
|
||||
gid_t *gp;
|
||||
int i;
|
||||
|
||||
ap->a_mode >>= 3;
|
||||
gp = ap->a_cred->cr_groups;
|
||||
for (i = 0; i < ap->a_cred->cr_ngroups; i++, gp++)
|
||||
if (vap->va_gid == *gp)
|
||||
goto found;
|
||||
ap->a_mode >>= 3;
|
||||
found:
|
||||
;
|
||||
}
|
||||
|
||||
if ((vap->va_mode & ap->a_mode) == ap->a_mode)
|
||||
return (0);
|
||||
|
||||
return (EACCES);
|
||||
return (vaccess(vp->v_type, vap->va_mode, vap->va_uid, vap->va_gid,
|
||||
ap->a_mode, ap->a_cred, NULL));
|
||||
}
|
||||
|
||||
/*
|
||||
|
||||
Loading…
Reference in New Issue
Block a user