Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/trunk]: src/sys/miscfs/genfs Allow root to access and modify system spac...
details: https://anonhg.NetBSD.org/src/rev/8a79c10671f1
branches: trunk
changeset: 931304:8a79c10671f1
user: christos <christos%NetBSD.org@localhost>
date: Sat Apr 25 22:28:47 2020 +0000
description:
Allow root to access and modify system space extended attributes.
XXX: this routine should not be using the string, but the attribute namespace.
I have fixed this in the ACL code.
diffstat:
sys/miscfs/genfs/genfs_vnops.c | 14 +++++++++-----
1 files changed, 9 insertions(+), 5 deletions(-)
diffs (35 lines):
diff -r 91476266bb3a -r 8a79c10671f1 sys/miscfs/genfs/genfs_vnops.c
--- a/sys/miscfs/genfs/genfs_vnops.c Sat Apr 25 22:08:49 2020 +0000
+++ b/sys/miscfs/genfs/genfs_vnops.c Sat Apr 25 22:28:47 2020 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: genfs_vnops.c,v 1.202 2020/02/23 22:14:04 ad Exp $ */
+/* $NetBSD: genfs_vnops.c,v 1.203 2020/04/25 22:28:47 christos Exp $ */
/*-
* Copyright (c) 2008 The NetBSD Foundation, Inc.
@@ -57,7 +57,7 @@
*/
#include <sys/cdefs.h>
-__KERNEL_RCSID(0, "$NetBSD: genfs_vnops.c,v 1.202 2020/02/23 22:14:04 ad Exp $");
+__KERNEL_RCSID(0, "$NetBSD: genfs_vnops.c,v 1.203 2020/04/25 22:28:47 christos Exp $");
#include <sys/param.h>
#include <sys/systm.h>
@@ -904,9 +904,13 @@
genfs_can_extattr(kauth_cred_t cred, int access_mode, vnode_t *vp,
const char *attr)
{
- /* We can't allow privileged namespaces. */
- if (strncasecmp(attr, "system", 6) == 0)
- return EPERM;
+ /*
+ * This string comparison is bogus: see xattr_native in vfs_xattr.c;
+ * it is going to go away soon.
+ */
+ if (strncasecmp(attr, "system.", 7) == 0)
+ return kauth_authorize_system(cred, KAUTH_SYSTEM_FS_EXTATTR,
+ 0, vp->v_mount, NULL, NULL);
return VOP_ACCESS(vp, access_mode, cred);
}
Home |
Main Index |
Thread Index |
Old Index