From a031dfd5e21a286895f0a5ab051fcf6340f15ce5 Mon Sep 17 00:00:00 2001
From: Guido van Rooij <guido@FreeBSD.org>
Date: Mon, 7 Sep 1998 07:20:30 +0000
Subject: [PATCH] Fix problem reported on bugtraq: check permission of device
 mounted for non-root users. Fortunately, the default for vfs.usermount is 0.
 Tested by:	"Jan B. Koum " <jkb@best.com

---
 sys/fs/cd9660/cd9660_vfsops.c    | 20 +++++++++++++++++++-
 sys/isofs/cd9660/cd9660_vfsops.c | 20 +++++++++++++++++++-
 2 files changed, 38 insertions(+), 2 deletions(-)

diff --git a/sys/fs/cd9660/cd9660_vfsops.c b/sys/fs/cd9660/cd9660_vfsops.c
index b0bfca2d51eb..cc1672f83868 100644
--- a/sys/fs/cd9660/cd9660_vfsops.c
+++ b/sys/fs/cd9660/cd9660_vfsops.c
@@ -36,7 +36,7 @@
  * SUCH DAMAGE.
  *
  *	@(#)cd9660_vfsops.c	8.18 (Berkeley) 5/22/95
- * $Id: cd9660_vfsops.c,v 1.40 1998/06/07 17:11:29 dfr Exp $
+ * $Id: cd9660_vfsops.c,v 1.41 1998/07/04 22:30:21 julian Exp $
  */
 
 #include <sys/param.h>
@@ -199,6 +199,7 @@ cd9660_mount(mp, path, data, ndp, p)
 	struct iso_args args;
 	size_t size;
 	int error;
+	mode_t accessmode;
 	struct iso_mnt *imp = 0;
 
 #ifndef VFS_LKM /* mount root makes no sense to an LKM */
@@ -244,6 +245,23 @@ cd9660_mount(mp, path, data, ndp, p)
 		vrele(devvp);
 		return ENXIO;
 	}
+
+	/*       
+	 * If mount by non-root, then verify that user has necessary
+	 * permissions on the device.
+	 */
+	if (p->p_ucred->cr_uid != 0) {
+		accessmode = VREAD;
+		if ((mp->mnt_flag & MNT_RDONLY) == 0)
+			accessmode |= VWRITE;
+		vn_lock(devvp, LK_EXCLUSIVE | LK_RETRY, p);
+		if (error = VOP_ACCESS(devvp, accessmode, p->p_ucred, p)) {
+			vput(devvp);
+			return (error);
+		}
+		VOP_UNLOCK(devvp, 0, p);
+	}
+
 	if ((mp->mnt_flag & MNT_UPDATE) == 0) {
 		if (bdevsw[major(devvp->v_rdev)]->d_flags & D_NOCLUSTERR)
 			mp->mnt_flag |= MNT_NOCLUSTERR;
diff --git a/sys/isofs/cd9660/cd9660_vfsops.c b/sys/isofs/cd9660/cd9660_vfsops.c
index b0bfca2d51eb..cc1672f83868 100644
--- a/sys/isofs/cd9660/cd9660_vfsops.c
+++ b/sys/isofs/cd9660/cd9660_vfsops.c
@@ -36,7 +36,7 @@
  * SUCH DAMAGE.
  *
  *	@(#)cd9660_vfsops.c	8.18 (Berkeley) 5/22/95
- * $Id: cd9660_vfsops.c,v 1.40 1998/06/07 17:11:29 dfr Exp $
+ * $Id: cd9660_vfsops.c,v 1.41 1998/07/04 22:30:21 julian Exp $
  */
 
 #include <sys/param.h>
@@ -199,6 +199,7 @@ cd9660_mount(mp, path, data, ndp, p)
 	struct iso_args args;
 	size_t size;
 	int error;
+	mode_t accessmode;
 	struct iso_mnt *imp = 0;
 
 #ifndef VFS_LKM /* mount root makes no sense to an LKM */
@@ -244,6 +245,23 @@ cd9660_mount(mp, path, data, ndp, p)
 		vrele(devvp);
 		return ENXIO;
 	}
+
+	/*       
+	 * If mount by non-root, then verify that user has necessary
+	 * permissions on the device.
+	 */
+	if (p->p_ucred->cr_uid != 0) {
+		accessmode = VREAD;
+		if ((mp->mnt_flag & MNT_RDONLY) == 0)
+			accessmode |= VWRITE;
+		vn_lock(devvp, LK_EXCLUSIVE | LK_RETRY, p);
+		if (error = VOP_ACCESS(devvp, accessmode, p->p_ucred, p)) {
+			vput(devvp);
+			return (error);
+		}
+		VOP_UNLOCK(devvp, 0, p);
+	}
+
 	if ((mp->mnt_flag & MNT_UPDATE) == 0) {
 		if (bdevsw[major(devvp->v_rdev)]->d_flags & D_NOCLUSTERR)
 			mp->mnt_flag |= MNT_NOCLUSTERR;