Subject: Re: simple tpe implementation
To: None <elad@NetBSD.org>
From: YAMAMOTO Takashi <yamt@mwd.biglobe.ne.jp>
List: tech-security
Date: 02/02/2007 08:44:31
> YAMAMOTO Takashi wrote:
> >> +	/* XXX Must be owned by root. */
> >> +	if (va->va_uid != 0)
> >> +		return (EPERM);
> >> +
> >> +	/* Must not be writable by group or other. */
> >> +	if (va->va_mode & (S_IWGRP | S_IWOTH))
> >> +		return (EPERM);
> >> +
> >> +	return (0);
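Review bot: the "XXX" on the root-ownership comment does not say what is unresolved, and both tests read va->va_uid and va->va_mode directly, so they only see the classic owner and mode bits. Expand the comment to state that write access granted by other means (ACLs, a remote filesystem's own rules) is not visible through `S_IWGRP | S_IWOTH`, and note which vnode's attributes va is expected to hold so the caller's contract is clear.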
> > 
> > this kind of permission check is filesystem dependent.
> > consider acls or remote filesystems.
> 
> yes, that's why it's "simple".
> 
> how do you suggest doing it?
> 
> -e.

i have no good idea offhand.

VOP_ACCESS is the right way to check permissions,
but it doesn't have "only root can.." functionality.
we can change VOP, but it's almost impossible to implement
for some filesystems.

YAMAMOTO Takashi