Subject: Re: simple tpe implementation
To: Christian Biere <christianbiere@gmx.de>
From: Elad Efrat <elad@NetBSD.org>
List: tech-security
Date: 02/02/2007 18:52:39
Christian Biere wrote:
> Christian Biere wrote:
>> YAMAMOTO Takashi wrote:
>>>> +	/* XXX Must be owned by root. */
>>>> +	if (va->va_uid != 0)
>>>> +		return (EPERM);
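Review bot: the comment above the va_uid check says "Must be owned by root" without naming which object must be root-owned, and the XXX marker does not say what is still unresolved. State in the comment whose attributes va holds, since the replies in this thread read the check as applying to the executable itself, and either drop the XXX or spell out the open issue next to it.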
>  
>> This would also break any setuid-non-root executable, right?
> 
> What I mean is: This denies execution of any executable not owned by root.

it only works on directories. tpe_check() takes dvp (the parent dir
vnode) and makes sure it's VDIR.

-e.