Re: kern/41489: setpriority(2) returns EACCES instead of EPERM

[christos%zoulas.com@localhost (Christos Zoulas)]

The following reply was made to PR kern/41489; it has been noted by GNATS.

From: christos%zoulas.com@localhost (Christos Zoulas)
To: gnats-bugs%NetBSD.org@localhost, kern-bug-people%netbsd.org@localhost, 
        gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost, 
ekamperi%gmail.com@localhost
Cc: 
Subject: Re: kern/41489: setpriority(2) returns EACCES instead of EPERM
Date: Mon, 25 May 2009 18:38:09 -0400

 On May 25, 10:25pm, elad%NetBSD.org@localhost (Elad Efrat) wrote:
 -- Subject: Re: kern/41489: setpriority(2) returns EACCES instead of EPERM
 
 |  My bad: I was looking at the wrong part of the code (specifically the 
 |  EACCES at the bottom rather than the EPERM at the top).
 |  
 |  Anyway, the fix here isn't so obvious; specifically, the original check 
 |  checked both the effective and the real uid ("root" is a user with 
 |  effective uid 0). Additionally, the documentation (not ours) doesn't 
 |  necessarily specify a super-user, but rather a user with the proper 
 |  privileges, which is more correct. We have to decide if we want to 
 |  maintain the behavior (uid or euid 0 -> no EPERM, which is IMHO wrong), 
 |  fix it (euid 0 -> no EPERM, IMHO right, can simply be a 
 |  KAUTH_GENERIC_ISSUSER for now), or do something completely different 
 |  (like make listeners return errno values and weigh them, similar to 
 |  FreeBSD, long-term goal).
 |  
 |  The attached diff is simply restores the original checks.
 |  
 |  -e.
 
 Can't this be abstracted to a KAUTH_CHANGE_RESOURCE call or at least
 we should cache the uid and gid variables.
 
 christos