Subject: Re: simple tpe implementation
To: Christian Biere <firstname.lastname@example.org>
From: Elad Efrat <elad@NetBSD.org>
Date: 02/02/2007 18:52:39
Christian Biere wrote:
> Christian Biere wrote:
>> YAMAMOTO Takashi wrote:
>>>> + /* XXX Must be owned by root. */
>>>> + if (va->va_uid != 0)
>>>> + return (EPERM);
>> This would also break any setuid-non-root executable, right?
> What I mean is: This denies execution of any executable not owned by root.
it only works on directories. tpe_check() takes dvp (the parent dir
vnode) and makes sure its VDIR.