kauth question (for quotas)

To: tech-kern%netbsd.org@localhost
Subject: kauth question (for quotas)
From: Manuel Bouyer <bouyer%antioche.eu.org@localhost>
Date: Wed, 19 Jan 2011 16:44:54 +0100

Hello,
in the ufs quota code there is checks like:
                /* The user can always query about his own quota. */
                if (uid == kauth_cred_getuid(l->l_cred))
                        break;
        
                error = kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_FS_QUOTA,
                    KAUTH_REQ_SYSTEM_FS_QUOTA_GET, mp, KAUTH_ARG(uid), NULL);


To me, it looks like the (uid == kauth_cred_getuid(l->l_cred)) check should
be handled by kauth as well, isn't it (what if someone wants to
deny users to see even their own quotas) ?

KAUTH_SYSTEM_FS_QUOTA is handed in suser/secmodel_suser.c only,
at first glance this is not the right place to add the "user gets its own
quotas" check. Can someone help me with this ?

-- 
Manuel Bouyer <bouyer%antioche.eu.org@localhost>
     NetBSD: 26 ans d'experience feront toujours la difference
--

Prev by Date: Re: Weird sprious input
Next by Date: Re: kernel memory allocators
Previous by Thread: Weird sprious input
Next by Thread: Is there a way to obtain a machine's cache line size?
Indexes:

Home | Main Index | Thread Index | Old Index