Date: Thu, 7 Oct 2010 21:45:49 +0300 From: Jaakko Heinonen <jh@FreeBSD.org> To: Alexander Best <arundel@freebsd.org> Cc: freebsd-hackers@freebsd.org, Garrett Cooper <gcooper@FreeBSD.org> Subject: Re: issue with unsetting 'arch' flag Message-ID: <20101007184549.GA76070@a91-153-123-205.elisa-laajakaista.fi> In-Reply-To: <20101006173522.GA92402@freebsd.org> References: <20101005235054.GA45827@freebsd.org> <AANLkTi=sA4GP=B61tbEmG6B0CYcET=dCFMJByoS_5=yi@mail.gmail.com> <20101006173522.GA92402@freebsd.org>
next in thread | previous in thread | raw e-mail | index | archive | help
On 2010-10-06, Alexander Best wrote: > $ sudo rm -d /tmp/chflags.XXXXXX > $ tmpfile=`mktemp /tmp/chflags.XXXXXX` > $ sudo chflags arch $tmpfile > $ chflags noarch $tmpfile > > is what's causing the problem. the last chflags call should fail, but it > doesn't. Here is a patch for UFS: %%% Index: sys/ufs/ufs/ufs_vnops.c =================================================================== --- sys/ufs/ufs/ufs_vnops.c (revision 213507) +++ sys/ufs/ufs/ufs_vnops.c (working copy) @@ -556,6 +556,9 @@ ufs_setattr(ap) & (SF_NOUNLINK | SF_IMMUTABLE | SF_APPEND) || (vap->va_flags & UF_SETTABLE) != vap->va_flags) return (EPERM); + if ((ip->i_flags & SF_SETTABLE) != + (vap->va_flags & SF_SETTABLE)) + return (EPERM); ip->i_flags &= SF_SETTABLE; ip->i_flags |= (vap->va_flags & UF_SETTABLE); DIP_SET(ip, i_flags, ip->i_flags); %%% The patch has a potential to break something if someone assumes that non-super-user can modify UF_SETTABLE flags with the SF_SETTABLE part set to zero. However with a quick peek this seems to be what NetBSD does. -- Jaakko
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?20101007184549.GA76070>