d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

After much consulting with bde, concluded that this fix was the best fix

Browse Source 
to the current jail/chflags interactions.  This fix conditionalizes ``root
behavior'' in the chflags() case on not being in jail, so attempts to
perform a chflags in a jail are limited to what a normal user could do.
For example, this does allow setting of user flags as appropriate, but
prohibits changing of system flags.

Reviewed by:	bde
This commit is contained in:
rwatson 2000-02-22 03:56:58 +00:00
parent 0cb88de5b6
commit baa4395a04
1 changed files with 2 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

4
sys/ufs/ufs/ufs_vnops.c
View File

@ -444,9 +444,9 @@ ufs_setattr(ap)
if (vp->v_mount->mnt_flag & MNT_RDONLY)
return (EROFS);
if (cred->cr_uid != ip->i_uid &&
(error = suser(p)))
(error = suser_xxx(cred, p, PRISON_ROOT)))
return (error);
if (cred->cr_uid == 0) {
if ((cred->cr_uid == 0) && (p->p_prison == NULL)) {
if ((ip->i_flags
& (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND)) &&
securelevel > 0)