Date: Fri, 3 Mar 2000 07:30:11 +1100 (EST) From: Bruce Evans <bde@zeta.org.au> To: Brian Dean <brdean@unx.sas.com> Cc: Kris Kennaway <kris@hub.freebsd.org>, current@FreeBSD.ORG Subject: Re: HEADS UP! IPC security (Re: cvs commit: src/sys/kern sysv_ipc.c (fwd)) Message-ID: <Pine.BSF.4.21.0003030722070.2011-100000@alphplex.bde.org> In-Reply-To: <200003021458.JAA00436@dean.pc.sas.com>
next in thread | previous in thread | raw e-mail | index | archive | help
On Thu, 2 Mar 2000, Brian Dean wrote:
> I believe the following patch does what you are asking. Essentially,
> it only calls suser() if it was about to return a permission error,
> thus the ASU flag should only be set when superuser privileges are
> actually used.
>
> Let me know if this looks OK, and if Jordan approves, I'll commit it.
It has too many style bugs for me. It corrupts all tabs to spaces and
has some other style bugs.
> Index: sysv_ipc.c
> ===================================================================
> RCS file: /usr00/mirror/ncvs/src/sys/kern/sysv_ipc.c,v
> retrieving revision 1.13
> diff -u -r1.13 sysv_ipc.c
> --- sysv_ipc.c 2000/02/29 22:58:59 1.13
> +++ sysv_ipc.c 2000/03/02 14:39:41
> @@ -51,16 +51,15 @@
> int mode;
> {
> struct ucred *cred = p->p_ucred;
> - int error;
>
> - error = suser(p);
> - if (!error)
> - return (0);
> -
> /* Check for user match. */
> if (cred->cr_uid != perm->cuid && cred->cr_uid != perm->uid) {
> - if (mode & IPC_M)
> - return (EPERM);
> + if (mode & IPC_M) {
> + if (suser(p) == 0)
> + return (0);
> + else
> + return (EPERM);
> + }
I might write this as:
if (mode & IPC_M)
return (suser(p) == 0 ? 0 : EPERM);
> /* Check for group match. */
> mode >>= 3;
> if (!groupmember(perm->gid, cred) &&
> @@ -71,7 +70,14 @@
>
> if (mode & IPC_M)
> return (0);
> - return ((mode & perm->mode) == mode ? 0 : EACCES);
> +
> + if ((mode & perm->mode) == mode)
> + return (0);
> +
> + if (suser(p) == 0)
> + return (0);
> +
> + return EACCES;
I might write this as:
return ((mode & perm->mode) == mode || suser(p) == 0 ? 0 : EACCES);
> }
>
> #endif /* defined(SYSVSEM) || defined(SYSVSHM) || defined(SYSVMSG) */
>
>
Bruce
To Unsubscribe: send mail to majordomo@FreeBSD.org
with "unsubscribe freebsd-current" in the body of the message
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?Pine.BSF.4.21.0003030722070.2011-100000>