Date: Sun, 10 Jun 2001 16:22:49 -0400 (EDT) From: Robert Watson <rwatson@FreeBSD.org> To: Ruslan Ermilov <ru@FreeBSD.org> Cc: "Alexey V. Neyman" <avn@any.ru>, Poul-Henning Kamp <phk@FreeBSD.org>, fs@FreeBSD.org Subject: Re: man VOP_ACCESS(9), suser(9) Message-ID: <Pine.NEB.3.96L.1010610162148.34369B-100000@fledge.watson.org> In-Reply-To: <20010609144612.H87114@sunbay.com>
next in thread | previous in thread | raw e-mail | index | archive | help
The VOP_*(9) man pages have been sadly trailing reality, and there are also several undocumented VOP's that could use documentation. The authorization code in -CURRENT's various VOP_ACCESS() code bits could still use some tweaking, to be honest. Robert N M Watson FreeBSD Core Team, TrustedBSD Project robert@fledge.watson.org NAI Labs, Safeport Network Services On Sat, 9 Jun 2001, Ruslan Ermilov wrote: > On Sat, Jun 09, 2001 at 03:27:33PM +0400, Alexey V. Neyman wrote: > > Hello there! > > > > >From pseudo-code in VOP_ACCESS(9): > > /* Otherwise, user id 0 always gets access. */ > > if (cred->cr_uid == 0) > > return 0; > > > > Shouldn't this check be changed to suser() or suser_xxx() to check against > > super-user privileges? > > > Yes, much probably. Actually, the code in -CURRENT uses vaccess() from > the vfs_subr.c, and the latter uses suser_xxx(), but the VOP_ACCESS(9)'s > PSEUDOCODE section of manpage hasn't (yet?) been updated. The code in > -STABLE really uses cr_uid == 0 (see ufs_vnops.c), and this probably > should be fixed. > > Over to VFS geeks. :-) > > > Cheers, > -- > Ruslan Ermilov Oracle Developer/DBA, > ru@sunbay.com Sunbay Software AG, > ru@FreeBSD.org FreeBSD committer, > +380.652.512.251 Simferopol, Ukraine > > http://www.FreeBSD.org The Power To Serve > http://www.oracle.com Enabling The Information Age > > To Unsubscribe: send mail to majordomo@FreeBSD.org > with "unsubscribe freebsd-fs" in the body of the message > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-fs" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.NEB.3.96L.1010610162148.34369B-100000>