Fix bug where NFSv4 ACL enforcement code wouldn't unconditionally

allow the owner to read and write ACL and file attributes when there
was no entry with subject matching the owner.  In other words,
'getfacl meh' shouldn't fail for the owner if the ACL looks like this:

# file: meh
# owner: trasz
# group: wheel
         user:root:------a-------:------:allow

Reported by:	kientzle
This commit is contained in:
trasz 2012-04-17 14:54:00 +00:00
parent 29ba0a35f6
commit 7f09aee7a1

View File

@ -162,6 +162,9 @@ _acl_denies(const struct acl *aclp, int access_mask, struct ucred *cred,
return (0);
}
if (access_mask == 0)
return (0);
return (1);
}