version 1.38, 2009/03/20 23:06:52 |
version 1.39, 2009/04/20 18:06:26 |
Line 935 udf_chown(struct vnode *vp, uid_t new_ui |
|
Line 935 udf_chown(struct vnode *vp, uid_t new_ui |
|
kauth_cred_t cred) |
kauth_cred_t cred) |
{ |
{ |
struct udf_node *udf_node = VTOI(vp); |
struct udf_node *udf_node = VTOI(vp); |
uid_t euid, uid; |
uid_t uid; |
gid_t egid, gid; |
gid_t gid; |
int issuperuser, ismember; |
|
int error; |
int error; |
|
|
#ifdef notyet |
#ifdef notyet |
Line 965 udf_chown(struct vnode *vp, uid_t new_ui |
|
Line 964 udf_chown(struct vnode *vp, uid_t new_ui |
|
if ((gid_t) ((uint32_t) gid) != gid) |
if ((gid_t) ((uint32_t) gid) != gid) |
return EINVAL; |
return EINVAL; |
|
|
/* |
|
* If we don't own the file, are trying to change the owner of the |
|
* file, or are not a member of the target group, the caller's |
|
* credentials must imply super-user privilege or the call fails. |
|
*/ |
|
|
|
/* check permissions */ |
/* check permissions */ |
euid = kauth_cred_geteuid(cred); |
error = common_chown_allowed(cred, uid, gid, new_uid, new_gid); |
egid = kauth_cred_getegid(cred); |
if (error) |
if ((error = kauth_cred_ismember_gid(cred, new_gid, &ismember))) |
return (error); |
return error; |
|
error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, NULL); |
|
issuperuser = (error == 0); |
|
|
|
if (!issuperuser) { |
|
if ((new_uid != uid) || (euid != uid)) |
|
return EPERM; |
|
if ((new_gid != gid) && !(egid == new_gid || ismember)) |
|
return EPERM; |
|
} |
|
|
|
/* change the ownership */ |
/* change the ownership */ |
udf_setownership(udf_node, new_uid, new_gid); |
udf_setownership(udf_node, new_uid, new_gid); |
|
|
udf_chmod(struct vnode *vp, mode_t mode, kauth_cred_t cred) |
udf_chmod(struct vnode *vp, mode_t mode, kauth_cred_t cred) |
{ |
{ |
struct udf_node *udf_node = VTOI(vp); |
struct udf_node *udf_node = VTOI(vp); |
uid_t euid, uid; |
uid_t uid; |
gid_t egid, gid; |
gid_t gid; |
int issuperuser, ismember; |
|
int error; |
int error; |
|
|
#ifdef notyet |
#ifdef notyet |
Line 1019 udf_chmod(struct vnode *vp, mode_t mode, |
|
Line 1001 udf_chmod(struct vnode *vp, mode_t mode, |
|
udf_getownership(udf_node, &uid, &gid); |
udf_getownership(udf_node, &uid, &gid); |
|
|
/* check permissions */ |
/* check permissions */ |
euid = kauth_cred_geteuid(cred); |
error = common_chmod_allowed(cred, vp, uid, gid, mode); |
egid = kauth_cred_getegid(cred); |
if (error) |
if ((error = kauth_cred_ismember_gid(cred, gid, &ismember))) |
return (error); |
return error; |
|
error = kauth_authorize_generic(cred, KAUTH_GENERIC_ISSUSER, NULL); |
|
issuperuser = (error == 0); |
|
|
|
if ((euid != uid) && !issuperuser) |
|
return EPERM; |
|
if (euid != 0) { |
|
if (vp->v_type != VDIR && (mode & S_ISTXT)) |
|
return EFTYPE; |
|
|
|
if ((!ismember) && (mode & S_ISGID)) |
|
return EPERM; |
|
} |
|
|
|
/* change mode */ |
/* change mode */ |
udf_setaccessmode(udf_node, mode); |
udf_setaccessmode(udf_node, mode); |