Initially, 'acl' (an 'acl_t *') is allocated, and its ACCESS_ACL and
DEFAULT_ACL fields are passed to the 'libc' ACL routines for subsequent
allocation. If the '-m' option (merge existing ACL with a new one) is
specified, then 'set_acl_mask()' will be called and passed one of the
two ACLs. This function, in turn, replaces this given ACL structure by
another, freshly allocated. However, the pointer in the 'acl' variable
in the caller is not updated. The caller then proceeds to free the ACL,
incurring in a double free condition.
Submitted by: Pedro Martelletto <pedro at ambientworks.net>
Approved by: rwatson (mentor)
Before this fix the -h flag was ignored (i.e. setfacl
always set the ACL on the file pointed to by the symbolic
link even when the -h flag requested that the ACL be set
on the symbolic link itself).
next read filename overwrite previous one, resulting in acl being
applied only to the last name in the list.
Submitted by: Oleg Lomaka <oleg.lomaka at gmail com>
MFC after: 1 week
Approved by: kan (mentor)
similar to "-h" on chown, chmod, etc, causing the operation to occur
on a final symlink in the provided path, rather than its target.
Obtained from: TrustedBSD Project
o explicitly check return values and variables against a value
o return x; -> return (x);
o fix inconsistent sysexits usage by nuking it (partially
suggested by bde)
Obtained from: TrustedBSD Project
required by POSIX.1e. This maintains the current 'struct acl'
in the kernel while providing the generic external acl_t
interface required to complete the ACL editing library.
o Add the acl_get_entry() function.
o Convert the existing ACL utilities, getfacl and setfacl, to
fully make use of the ACL editing library.
Obtained from: TrustedBSD Project