Re: kern/41489: setpriority(2) returns EACCES instead of EPERM

To: gnats-bugs%NetBSD.org@localhost, kern-bug-people%netbsd.org@localhost, gnats-admin%netbsd.org@localhost, netbsd-bugs%netbsd.org@localhost, ekamperi%gmail.com@localhost
Subject: Re: kern/41489: setpriority(2) returns EACCES instead of EPERM
From: christos%zoulas.com@localhost (Christos Zoulas)
Date: Mon, 25 May 2009 18:38:09 -0400

On May 25, 10:25pm, elad%NetBSD.org@localhost (Elad Efrat) wrote:
-- Subject: Re: kern/41489: setpriority(2) returns EACCES instead of EPERM

|  My bad: I was looking at the wrong part of the code (specifically the 
|  EACCES at the bottom rather than the EPERM at the top).
|  
|  Anyway, the fix here isn't so obvious; specifically, the original check 
|  checked both the effective and the real uid ("root" is a user with 
|  effective uid 0). Additionally, the documentation (not ours) doesn't 
|  necessarily specify a super-user, but rather a user with the proper 
|  privileges, which is more correct. We have to decide if we want to 
|  maintain the behavior (uid or euid 0 -> no EPERM, which is IMHO wrong), 
|  fix it (euid 0 -> no EPERM, IMHO right, can simply be a 
|  KAUTH_GENERIC_ISSUSER for now), or do something completely different 
|  (like make listeners return errno values and weigh them, similar to 
|  FreeBSD, long-term goal).
|  
|  The attached diff is simply restores the original checks.
|  
|  -e.

Can't this be abstracted to a KAUTH_CHANGE_RESOURCE call or at least
we should cache the uid and gid variables.

christos

References:
- Re: kern/41489: setpriority(2) returns EACCES instead of EPERM
  - From: Elad Efrat

Prev by Date: Re: kern/41489: setpriority(2) returns EACCES instead of EPERM
Next by Date: Re: kern/41489: setpriority(2) returns EACCES instead of EPERM
Previous by Thread: Re: kern/41489: setpriority(2) returns EACCES instead of EPERM
Next by Thread: Re: kern/41489: setpriority(2) returns EACCES instead of EPERM
Indexes:

Home | Main Index | Thread Index | Old Index