Skip site navigation (1)Skip section navigation (2) 
Date:      Wed, 8 Mar 2006 21:12:39 GMT
From:      Todd Miller <millert@FreeBSD.org>
To:        Perforce Change Reviews <perforce@freebsd.org>
Subject:   PERFORCE change 92985 for review
Message-ID:  <200603082112.k28LCdXs041017@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help 
http://perforce.freebsd.org/chv.cgi?CH=92985

Change 92985 by millert@millert_g5tower on 2006/03/08 21:11:39

	Back out last revision.  Old behavior was consistent with SELinux. 

Affected files ...

.. //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.c#36 edit

Differences ...

==== //depot/projects/trustedbsd/sedarwin7/src/sedarwin/sedarwin/sebsd.c#36 (text+ko) ====

@@ -306,10 +306,6 @@
 {
 	access_vector_t av = 0;
 
-	/* per access(2), mask == 0 means only check for existence */
-	if (mask == 0)
-		return FILE__ACCESS;
-
 	if (vt != VDIR) {
 		if (mask & VEXEC)
 			av |= FILE__EXECUTE;
@@ -1243,8 +1239,6 @@
 	    &osec->sid);
 }
 
-extern int selinux_enforcing;
-
 static int
 sebsd_check_ipc_method(struct label *subj, struct label *obj, int msgid)
 {
@@ -1708,7 +1702,10 @@
     struct label *filelabel, int acc_mode)
 {
 
-	/* NOTE: acc_mode == 0 is legal for access(2) */
+	/* existence check (F_OK) */
+	if (acc_mode == 0)
+		return 0;
+
 	return (vnode_has_perm(cred, vp, file_mask_to_av(vp->v_type, acc_mode),
 	    NULL));
 }

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200603082112.k28LCdXs041017>