Date: Mon, 12 Aug 2002 09:43:04 -0700 (PDT) From: Robert Watson <rwatson@FreeBSD.org> To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/gnu/ext2fs ext2_lookup.c ext2_vnops.c src/sys/nfsclient nfs_lock.c src/sys/ufs/ufs ufs_lookup.c ufs_vnops.c Message-ID: <200208121643.g7CGh4PB059211@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help
rwatson 2002/08/12 09:43:04 PDT
Modified files:
sys/gnu/ext2fs ext2_lookup.c ext2_vnops.c
sys/nfsclient nfs_lock.c
sys/ufs/ufs ufs_lookup.c ufs_vnops.c
Log:
Pass IO_NOMACCHECK to vn_rdwr() in the following checks to prevent
enforcement of MAC policy on the read or write operations:
- In ext2fs, don't enforce MAC on loop-back reads and writes supporting
directory read operations in lookup(), directory modifications in
rename(), directory write operations in mkdir(), symlink write
operations in symlink().
- In the NFS client locking code, perform vn_rdwr() on the NFS locking
socket without enforcing MAC, since the write is done on behalf of
the kernel NFS implementation rather than the user process.
- In UFS, don't enforce MAC on loop-back reads and writes supporting
directory read operations in lookup(), and symlink write operations
in symlink().
Obtained from: TrustedBSD Project
Sponsored by: DARPA, NAI Labs
Revision Changes Path
1.35 +5 -3 src/sys/gnu/ext2fs/ext2_lookup.c
1.67 +8 -7 src/sys/gnu/ext2fs/ext2_vnops.c
1.23 +1 -1 src/sys/nfsclient/nfs_lock.c
1.64 +5 -3 src/sys/ufs/ufs/ufs_lookup.c
1.203 +2 -2 src/sys/ufs/ufs/ufs_vnops.c
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe cvs-all" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200208121643.g7CGh4PB059211>