Re: CVS commit: [elad-kernelauth] src/sys/nfs

To: elad%netbsd.org@localhost
Subject: Re: CVS commit: [elad-kernelauth] src/sys/nfs
From: YAMAMOTO Takashi <yamt%mwd.biglobe.ne.jp@localhost>
Date: Sun, 12 Mar 2006 23:11:24 +0900

> Module Name:  src
> Committed By: elad
> Date:         Sat Mar 11 21:22:42 UTC 2006
> 
> Modified Files:
>       src/sys/nfs [elad-kernelauth]: nfs_subs.c
> 
> Log Message:
> Replace check for euid == 0 with kauth_authorize_generic().

[ not in this commit, maybe.  i haven't checked. ]
in nfsrv_fhtovp, you did:

        /* First, clear any groups in cred. */
        do_ngroups = kauth_cred_ngroups(cred);
        for (i = 0; i < do_ngroups; i++)
                kauth_cred_delgroup(cred, kauth_cred_group(cred, i));

i don't think kauth_cred_group() here picks gids as you expected,
given that kauth_cred_delgroup() seems to modify gid array in a way
invalidating indexes in it.

for this kind of code, i think it's convenient to have kauth_cred_clear(),
which clears all ids in a credential.

YAMAMOTO Takashi

Follow-Ups:
- Re: CVS commit: [elad-kernelauth] src/sys/nfs
  - From: Elad Efrat

References:
- CVS commit: [elad-kernelauth] src/sys/nfs
  - From: Elad Efrat

Prev by Date: Re: CVS commit: [elad-kernelauth] src/sys/kern
Next by Date: CVS commit: src/share/wscons/keymaps
Previous by Thread: CVS commit: [elad-kernelauth] src/sys/nfs
Next by Thread: Re: CVS commit: [elad-kernelauth] src/sys/nfs
Indexes:

Home | Main Index | Thread Index | Old Index