Re: kern/57246: NFS group permissions regression

[mlelstv%serpens.de@localhost (Michael van Elst)]

The following reply was made to PR kern/57246; it has been noted by GNATS.

From: mlelstv%serpens.de@localhost (Michael van Elst)
To: gnats-bugs%netbsd.org@localhost
Cc: 
Subject: Re: kern/57246: NFS group permissions regression
Date: Tue, 28 Feb 2023 15:59:05 -0000 (UTC)

 hannken%mailbox.org@localhost ("J. Hannken-Illjes") writes:
 
 >The following reply was made to PR kern/57246; it has been noted by GNATS.
 
 >From: "J. Hannken-Illjes" <hannken%mailbox.org@localhost>
 >To: NetBSD GNATS <gnats-bugs%netbsd.org@localhost>
 >Cc: 
 >Subject: Re: kern/57246: NFS group permissions regression
 >Date: Tue, 28 Feb 2023 15:36:30 +0100
 
 > This failure can be reduced to:
 > 
 > - Create a file xxx in a ffs file system, mode -rw-rw-r-- and
 >   make sure you are not the owner but the group member.
 > 
 > - Try to touch this file (touch xxx) and get "Permission denied".
 > 
 > Operation ufs_setattr() runs genfs_can_chtimes() ->
 >   VOP_ACCESSX( VWRITE_ATTRIBUTES ) ->
 >   ufs_accessx() ->
 >   vfs_unixify_accmode(&accmode),
 > this translates VWRITE_ATTRIBUTES into VADMIN and the access
 > check fails as we are not the owner.
 > 
 > vfs_unixify_accmode() definitely needs work ...
 
 
 According to utimes(2) that's even correct. Only futimes() / futimens()
 allow setting the time by someone who is neither owner nor super-user (but
 has write permission) and touch should then call open() + futimens().