PERFORCE change 14990 for review
Robert Watson
rwatson at freebsd.org
Sat Jul 27 13:16:07 GMT 2002
http://people.freebsd.org/~peter/p4db/chv.cgi?CH=14990
Change 14990 by rwatson at rwatson_tislabs on 2002/07/27 06:15:43
Note that we need a seperate entry point for the F_SETFL fcntl,
since we really want to authorize the delta not just the flags.
Affected files ...
.. //depot/projects/trustedbsd/mac/sys/kern/kern_descrip.c#18 edit
Differences ...
==== //depot/projects/trustedbsd/mac/sys/kern/kern_descrip.c#18 (text+ko) ====
@@ -326,6 +326,11 @@
mode |= VAPPEND;
vn_lock((struct vnode *)fp->f_data, LK_EXCLUSIVE |
LK_RETRY, td);
+ /*
+ * XXX: A seperate entry point should be used here
+ * to pass in both the old and the new flags,
+ * with authorization performed only on the delta.
+ */
error = mac_cred_check_open_vnode(td->td_ucred,
(struct vnode *)fp->f_data, mode);
VOP_UNLOCK((struct vnode *)fp->f_data, 0, td);
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-cvs" in the body of the message
More information about the trustedbsd-cvs
mailing list