Date: Sun, 30 Sep 2001 21:22:20 -0700 (PDT) From: Dag-Erling Smorgrav <des@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/fs/pseudofs pseudofs_vnops.c Message-ID: <200110010422.f914MKp10776@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
des 2001/09/30 21:22:20 PDT Modified files: sys/fs/pseudofs pseudofs_vnops.c Log: YA pseudofs megacommit, part 1: - Add a third callback to the pfs_node structure. This one simply returns non-zero if the specified requesting process is allowed to access the specified node for the specified target process. This is used in addition to the usual permission checks, e.g. when certain files don't make sense for certain (system) processes. - Make sure that pfs_lookup() and pfs_readdir() don't yap about files which aren't pfs_visible(). Also check pfs_visible() before performing reads and writes, to prevent the kind of races reported in SA-00:77 and SA-01:55 (fork a child, open /proc/child/ctl, have that child fork a setuid binary, and assume control of it). - Add some more trace points. Revision Changes Path 1.14 +90 -38 src/sys/fs/pseudofs/pseudofs_vnops.c To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200110010422.f914MKp10776>