tech-kern archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
Re: quotactl permissions
In article <20120905123416.GB10839%homeworld.netbsd.org@localhost>,
Emmanuel Dreyfus <manu%netbsd.org@localhost> wrote:
>On Wed, Sep 05, 2012 at 06:37:27AM +0000, David Holland wrote:
>> Changing it to effective uid seems like a good plan.
>
>The change below fixes the test case. Is it safe to commit?
Yes, but it should all be encapsulated in the kauth call. It is an abstraction
violation to do the id check separately.
christos
>
>Index: sys/ufs/ufs/ufs_quota.c
>===================================================================
>RCS file: /cvsroot/src/sys/ufs/ufs/ufs_quota.c,v
>retrieving revision 1.111
>diff -U4 -r1.111 ufs_quota.c
>--- sys/ufs/ufs/ufs_quota.c 26 Aug 2012 02:32:14 -0000 1.111
>+++ sys/ufs/ufs/ufs_quota.c 5 Sep 2012 12:33:07 -0000
>@@ -334,9 +334,9 @@
> /* XXX shouldn't all this be in kauth ? */
> static int
> quota_get_auth(struct mount *mp, struct lwp *l, uid_t id) {
> /* The user can always query about his own quota. */
>- if (id == kauth_cred_getuid(l->l_cred))
>+ if (id == kauth_cred_geteuid(l->l_cred))
> return 0;
> return kauth_authorize_system(l->l_cred, KAUTH_SYSTEM_FS_QUOTA,
> KAUTH_REQ_SYSTEM_FS_QUOTA_GET, mp, KAUTH_ARG(id), NULL);
> }
>
>
>--
>Emmanuel Dreyfus
>manu%netbsd.org@localhost
>
Home |
Main Index |
Thread Index |
Old Index