Date: Sun, 30 Sep 2001 21:21:11 -0700 (PDT) From: Dag-Erling Smorgrav <des@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/fs/pseudofs pseudofs.h pseudofs_vncache.c Message-ID: <200110010421.f914LBN10673@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
des 2001/09/30 21:21:11 PDT
Modified files:
sys/fs/pseudofs pseudofs.h pseudofs_vncache.c
Log:
YA pseudofs megacommit, part 1:
- Add a third callback to the pfs_node structure. This one simply returns
non-zero if the specified requesting process is allowed to access the
specified node for the specified target process. This is used in
addition to the usual permission checks, e.g. when certain files don't
make sense for certain (system) processes.
- Make sure that pfs_lookup() and pfs_readdir() don't yap about files
which aren't pfs_visible(). Also check pfs_visible() before performing
reads and writes, to prevent the kind of races reported in SA-00:77 and
SA-01:55 (fork a child, open /proc/child/ctl, have that child fork a
setuid binary, and assume control of it).
- Add some more trace points.
Revision Changes Path
1.10 +25 -15 src/sys/fs/pseudofs/pseudofs.h
1.6 +69 -29 src/sys/fs/pseudofs/pseudofs_vncache.c
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200110010421.f914LBN10673>