authorrwatson <rwatson@FreeBSD.org>2002-07-22 03:57:07 +0000
committerrwatson <rwatson@FreeBSD.org>2002-07-22 03:57:07 +0000
commit7be639a7c001f8dc5f8e7b6d1951845156bb997d (patch)
tree174e3bfd203f2088fac3efc5f68dfc8e96d1c5a3
parentc578ffd6e110dce1199cb540aa12951448b6e570 (diff)
Teach discretionary access control methods for files about VAPPEND
and VALLPERM. Obtained from: TrustedBSD Project Sponsored by: DARPA, NAI Labs
-rw-r--r--sys/kern/kern_acl.c26
-rw-r--r--sys/kern/subr_acl_posix1e.c26
-rw-r--r--sys/kern/vfs_acl.c26
-rw-r--r--sys/kern/vfs_subr.c8
4 files changed, 43 insertions, 43 deletions
diff --git a/sys/kern/kern_acl.c b/sys/kern/kern_acl.c
index 70be0ec..60ce1bf 100644
--- a/sys/kern/kern_acl.c
+++ b/sys/kern/kern_acl.c
@@ -88,7 +88,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
*/
#ifndef CAPABILITIES
if (suser_cred(cred, PRISON_ROOT) == 0)
- cap_granted = (VEXEC | VREAD | VWRITE | VADMIN);
+ cap_granted = VALLPERM;
else
cap_granted = 0;
#else
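Review bot: The `cap_granted = VALLPERM;` assignment in the non-CAPABILITIES branch relies on a mask defined outside this diff, so a reader cannot tell from here which bits a credential accepted by `suser_cred(cred, PRISON_ROOT)` now receives. Presumably VALLPERM is the old four bits plus VAPPEND, but any bit later added to that mask would also be granted on this path automatically. A short comment would make the intent reviewable, for example `/* Superuser: every vnode access bit, including VAPPEND. */`. The same hunk appears in sys/kern/subr_acl_posix1e.c and sys/kern/vfs_acl.c, and the enclosing function starts and ends outside the hunk.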
@@ -108,9 +108,9 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
PRISON_ROOT))
cap_granted |= VREAD;
- if ((acc_mode & VWRITE) && !cap_check(cred, NULL, CAP_DAC_WRITE,
- PRISON_ROOT))
- cap_granted |= VWRITE;
+ if (((acc_mode & VWRITE) || (acc_mode & VAPPEND)) &&
+ !cap_check(cred, NULL, CAP_DAC_WRITE, PRISON_ROOT))
+ cap_granted |= (VWRITE | VAPPEND);
if ((acc_mode & VADMIN) && !cap_check(cred, NULL, CAP_FOWNER,
PRISON_ROOT))
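Review bot: The new condition `((acc_mode & VWRITE) || (acc_mode & VAPPEND))` tests the two bits separately where a single mask test would read more directly and mirror the `(VWRITE | VAPPEND)` grant on the line below it: `if ((acc_mode & (VWRITE | VAPPEND)) &&`. Setting both bits when only one was requested looks harmless provided cap_granted is only ever compared after masking with acc_mode, which is how the comparisons visible in the later hunks use it. The identical hunk appears in subr_acl_posix1e.c and vfs_acl.c. The hunk opens and closes mid-statement, so the surrounding block lies outside it.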
@@ -136,7 +136,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
if ((acc_mode & dac_granted) == acc_mode)
return (0);
if ((acc_mode & (dac_granted | cap_granted)) ==
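Review bot: The ACL_WRITE to `(VWRITE | VAPPEND)` mapping is now written out separately for each entry type in vaccess_acl_posix1e(): in this hunk and in the hunks at old lines 188, 212, 245, 263, 293, 314 and 345, plus the no-mask default `VEXEC | VREAD | VWRITE | VAPPEND`. In an access-control routine, a site missed the next time a bit is introduced would change the decision for just one entry type without any compile-time signal. One static helper that translates an entry's permission bits into vnode access bits would keep the sites in step. Its return type should match dac_granted, which is declared outside the hunk. The same applies to the copies in subr_acl_posix1e.c and vfs_acl.c; the function begins and ends outside this hunk.

```c
/* Translate POSIX.1e ACL entry permissions into vnode access bits. */
static mode_t
acl_posix1e_perm_to_vmode(acl_perm_t perm)
{
	mode_t granted = 0;

	if (perm & ACL_EXECUTE)
		granted |= VEXEC;
	if (perm & ACL_READ)
		granted |= VREAD;
	if (perm & ACL_WRITE)
		granted |= (VWRITE | VAPPEND);
	return (granted);
}

/* ... unchanged: entry matching; each per-entry mapping then becomes ... */
	dac_granted |= acl_posix1e_perm_to_vmode(acl->acl_entry[i].ae_perm);
```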
@@ -188,9 +188,9 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl_mask->ae_perm & ACL_READ)
acl_mask_granted |= VREAD;
if (acl_mask->ae_perm & ACL_WRITE)
- acl_mask_granted |= VWRITE;
+ acl_mask_granted |= (VWRITE | VAPPEND);
} else
- acl_mask_granted = VEXEC | VREAD | VWRITE;
+ acl_mask_granted = VEXEC | VREAD | VWRITE | VAPPEND;
/*
* Iterate through user ACL entries. Do checks twice, first
@@ -212,7 +212,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
dac_granted &= acl_mask_granted;
if ((acc_mode & dac_granted) == acc_mode)
return (0);
@@ -245,7 +245,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
dac_granted &= acl_mask_granted;
if ((acc_mode & dac_granted) == acc_mode)
@@ -263,7 +263,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
dac_granted &= acl_mask_granted;
if ((acc_mode & dac_granted) == acc_mode)
@@ -293,7 +293,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
dac_granted &= acl_mask_granted;
if ((acc_mode & (dac_granted | cap_granted)) !=
@@ -314,7 +314,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
dac_granted &= acl_mask_granted;
if ((acc_mode & (dac_granted | cap_granted)) !=
@@ -345,7 +345,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl_other->ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl_other->ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
if ((acc_mode & dac_granted) == acc_mode)
return (0);
diff --git a/sys/kern/subr_acl_posix1e.c b/sys/kern/subr_acl_posix1e.c
index 70be0ec..60ce1bf 100644
--- a/sys/kern/subr_acl_posix1e.c
+++ b/sys/kern/subr_acl_posix1e.c
@@ -88,7 +88,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
*/
#ifndef CAPABILITIES
if (suser_cred(cred, PRISON_ROOT) == 0)
- cap_granted = (VEXEC | VREAD | VWRITE | VADMIN);
+ cap_granted = VALLPERM;
else
cap_granted = 0;
#else
@@ -108,9 +108,9 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
PRISON_ROOT))
cap_granted |= VREAD;
- if ((acc_mode & VWRITE) && !cap_check(cred, NULL, CAP_DAC_WRITE,
- PRISON_ROOT))
- cap_granted |= VWRITE;
+ if (((acc_mode & VWRITE) || (acc_mode & VAPPEND)) &&
+ !cap_check(cred, NULL, CAP_DAC_WRITE, PRISON_ROOT))
+ cap_granted |= (VWRITE | VAPPEND);
if ((acc_mode & VADMIN) && !cap_check(cred, NULL, CAP_FOWNER,
PRISON_ROOT))
@@ -136,7 +136,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
if ((acc_mode & dac_granted) == acc_mode)
return (0);
if ((acc_mode & (dac_granted | cap_granted)) ==
@@ -188,9 +188,9 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl_mask->ae_perm & ACL_READ)
acl_mask_granted |= VREAD;
if (acl_mask->ae_perm & ACL_WRITE)
- acl_mask_granted |= VWRITE;
+ acl_mask_granted |= (VWRITE | VAPPEND);
} else
- acl_mask_granted = VEXEC | VREAD | VWRITE;
+ acl_mask_granted = VEXEC | VREAD | VWRITE | VAPPEND;
/*
* Iterate through user ACL entries. Do checks twice, first
@@ -212,7 +212,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
dac_granted &= acl_mask_granted;
if ((acc_mode & dac_granted) == acc_mode)
return (0);
@@ -245,7 +245,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
dac_granted &= acl_mask_granted;
if ((acc_mode & dac_granted) == acc_mode)
@@ -263,7 +263,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
dac_granted &= acl_mask_granted;
if ((acc_mode & dac_granted) == acc_mode)
@@ -293,7 +293,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
dac_granted &= acl_mask_granted;
if ((acc_mode & (dac_granted | cap_granted)) !=
@@ -314,7 +314,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
dac_granted &= acl_mask_granted;
if ((acc_mode & (dac_granted | cap_granted)) !=
@@ -345,7 +345,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl_other->ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl_other->ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
if ((acc_mode & dac_granted) == acc_mode)
return (0);
diff --git a/sys/kern/vfs_acl.c b/sys/kern/vfs_acl.c
index 70be0ec..60ce1bf 100644
--- a/sys/kern/vfs_acl.c
+++ b/sys/kern/vfs_acl.c
@@ -88,7 +88,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
*/
#ifndef CAPABILITIES
if (suser_cred(cred, PRISON_ROOT) == 0)
- cap_granted = (VEXEC | VREAD | VWRITE | VADMIN);
+ cap_granted = VALLPERM;
else
cap_granted = 0;
#else
@@ -108,9 +108,9 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
PRISON_ROOT))
cap_granted |= VREAD;
- if ((acc_mode & VWRITE) && !cap_check(cred, NULL, CAP_DAC_WRITE,
- PRISON_ROOT))
- cap_granted |= VWRITE;
+ if (((acc_mode & VWRITE) || (acc_mode & VAPPEND)) &&
+ !cap_check(cred, NULL, CAP_DAC_WRITE, PRISON_ROOT))
+ cap_granted |= (VWRITE | VAPPEND);
if ((acc_mode & VADMIN) && !cap_check(cred, NULL, CAP_FOWNER,
PRISON_ROOT))
@@ -136,7 +136,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
if ((acc_mode & dac_granted) == acc_mode)
return (0);
if ((acc_mode & (dac_granted | cap_granted)) ==
@@ -188,9 +188,9 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl_mask->ae_perm & ACL_READ)
acl_mask_granted |= VREAD;
if (acl_mask->ae_perm & ACL_WRITE)
- acl_mask_granted |= VWRITE;
+ acl_mask_granted |= (VWRITE | VAPPEND);
} else
- acl_mask_granted = VEXEC | VREAD | VWRITE;
+ acl_mask_granted = VEXEC | VREAD | VWRITE | VAPPEND;
/*
* Iterate through user ACL entries. Do checks twice, first
@@ -212,7 +212,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
dac_granted &= acl_mask_granted;
if ((acc_mode & dac_granted) == acc_mode)
return (0);
@@ -245,7 +245,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
dac_granted &= acl_mask_granted;
if ((acc_mode & dac_granted) == acc_mode)
@@ -263,7 +263,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
dac_granted &= acl_mask_granted;
if ((acc_mode & dac_granted) == acc_mode)
@@ -293,7 +293,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
dac_granted &= acl_mask_granted;
if ((acc_mode & (dac_granted | cap_granted)) !=
@@ -314,7 +314,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl->acl_entry[i].ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl->acl_entry[i].ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
dac_granted &= acl_mask_granted;
if ((acc_mode & (dac_granted | cap_granted)) !=
@@ -345,7 +345,7 @@ vaccess_acl_posix1e(enum vtype type, uid_t file_uid, gid_t file_gid,
if (acl_other->ae_perm & ACL_READ)
dac_granted |= VREAD;
if (acl_other->ae_perm & ACL_WRITE)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
if ((acc_mode & dac_granted) == acc_mode)
return (0);
diff --git a/sys/kern/vfs_subr.c b/sys/kern/vfs_subr.c
index e620d4a..4d87718 100644
--- a/sys/kern/vfs_subr.c
+++ b/sys/kern/vfs_subr.c
@@ -3251,7 +3251,7 @@ vaccess(type, file_mode, file_uid, file_gid, acc_mode, cred, privused)
if (file_mode & S_IRUSR)
dac_granted |= VREAD;
if (file_mode & S_IWUSR)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
if ((acc_mode & dac_granted) == acc_mode)
return (0);
@@ -3266,7 +3266,7 @@ vaccess(type, file_mode, file_uid, file_gid, acc_mode, cred, privused)
if (file_mode & S_IRGRP)
dac_granted |= VREAD;
if (file_mode & S_IWGRP)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
if ((acc_mode & dac_granted) == acc_mode)
return (0);
@@ -3280,7 +3280,7 @@ vaccess(type, file_mode, file_uid, file_gid, acc_mode, cred, privused)
if (file_mode & S_IROTH)
dac_granted |= VREAD;
if (file_mode & S_IWOTH)
- dac_granted |= VWRITE;
+ dac_granted |= (VWRITE | VAPPEND);
if ((acc_mode & dac_granted) == acc_mode)
return (0);
@@ -3322,7 +3322,7 @@ privcheck:
if ((acc_mode & VWRITE) && ((dac_granted & VWRITE) == 0) &&
!cap_check(cred, NULL, CAP_DAC_WRITE, PRISON_ROOT))
- cap_granted |= VWRITE;
+ cap_granted |= (VWRITE | VAPPEND);
if ((acc_mode & VADMIN) && ((dac_granted & VADMIN) == 0) &&
!cap_check(cred, NULL, CAP_FOWNER, PRISON_ROOT))
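Review bot: The guard on the CAP_DAC_WRITE check still tests only `acc_mode & VWRITE`, so a request carrying VAPPEND without VWRITE never reaches the line that now grants `(VWRITE | VAPPEND)`. A credential holding the capability would then be refused an append-only access that DAC had not already allowed. vaccess_acl_posix1e() in this same commit tests both bits; the matching guard here would be `if ((acc_mode & (VWRITE | VAPPEND)) && ((dac_granted & VWRITE) == 0) &&`. The effect is on the deny side rather than an over-grant. The privcheck block continues outside the hunk, so whether another path in vaccess() covers append-only requests cannot be seen from here.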