From owner-freebsd-current Thu Mar 2 16:30:42 2000 Delivered-To: freebsd-current@freebsd.org Received: from mailman.zeta.org.au (mailman.zeta.org.au [203.26.10.16]) by hub.freebsd.org (Postfix) with ESMTP id 2EFB237B645; Thu, 2 Mar 2000 16:30:34 -0800 (PST) (envelope-from bde@zeta.org.au) Received: from bde.zeta.org.au (bde.zeta.org.au [203.2.228.102]) by mailman.zeta.org.au (8.8.7/8.8.7) with ESMTP id LAA06409; Fri, 3 Mar 2000 11:35:35 +1100 Date: Fri, 3 Mar 2000 11:30:14 +1100 (EST) From: Bruce Evans X-Sender: bde@alphplex.bde.org To: Brian Dean Cc: Kris Kennaway , current@FreeBSD.ORG Subject: Re: HEADS UP! IPC security (Re: cvs commit: src/sys/kern sysv_ipc.c (fwd)) In-Reply-To: <200003022158.QAA00364@dean.pc.sas.com> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-freebsd-current@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG On Thu, 2 Mar 2000, Brian Dean wrote: > Resisting the temptation to cut-and-paste (resulting in the lost > tabs), and incorporating your other suggestions, how about this > version? > > Index: sysv_ipc.c > =================================================================== > RCS file: /usr00/mirror/ncvs/src/sys/kern/sysv_ipc.c,v > retrieving revision 1.13 > diff -u -r1.13 sysv_ipc.c > --- sysv_ipc.c 2000/02/29 22:58:59 1.13 > +++ sysv_ipc.c 2000/03/02 21:45:25 > @@ -51,16 +51,11 @@ > int mode; > { > struct ucred *cred = p->p_ucred; > - int error; > > - error = suser(p); > - if (!error) > - return (0); > - > /* Check for user match. */ > if (cred->cr_uid != perm->cuid && cred->cr_uid != perm->uid) { > if (mode & IPC_M) > - return (EPERM); > + return (suser(p) == 0 ? 0 : EPERM); > /* Check for group match. */ > mode >>= 3; > if (!groupmember(perm->gid, cred) && > @@ -71,7 +66,7 @@ > > if (mode & IPC_M) > return (0); > - return ((mode & perm->mode) == mode ? 0 : EACCES); > + return ((mode & perm->mode) == mode || suser(p) == 0 ? 0 : EACCES); > } > > #endif /* defined(SYSVSEM) || defined(SYSVSHM) || defined(SYSVMSG) */ I'm happy with this version. You might also look at the NetBSD version. It has been rewritten to be more like ufs_access(). The main changes seem to be that the (mode & IPC_M) test is replaced by (mode == IPC_M) and the hackish right shifting of `mode' is replaced by lots of bit conversions, as is required when the S_IRUSR etc. bits aren't assumed to have various magic relationships among themseleves and with the IPC mode bits. All these changes can wait until after 4.0 is released. Bruce To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe freebsd-current" in the body of the message