Check to make sure that this device is opened read-write, not just read

only. Previously, if the device was chmoded 644, someone could open it with the O_RDONLY flag and issue any ioctl to the device. Reviewed by: imp, gibbs
author: ken <ken@FreeBSD.org> 1998-09-16 00:11:53 +0000
committer: ken <ken@FreeBSD.org> 1998-09-16 00:11:53 +0000
commit: 89e0714ec8ca56c1915b929c1fd0944a419c7118 (patch)
tree: d9c10ba03ffa023d86c96c024127b7a8363b8ae9 /sys/cam/cam_xpt.c
parent: 15f661935007c0c8bc9255a25ead531f7296acd4 (diff)
download: FreeBSD-src-89e0714ec8ca56c1915b929c1fd0944a419c7118.zip
FreeBSD-src-89e0714ec8ca56c1915b929c1fd0944a419c7118.tar.gz
1 files changed, 7 insertions, 1 deletions
diff --git a/sys/cam/cam_xpt.c b/sys/cam/cam_xpt.c
index bc7e7c6..418e008 100644
--- a/sys/cam/cam_xpt.c
+++ b/sys/cam/cam_xpt.c
@@ -26,7 +26,7 @@
  * OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
  * SUCH DAMAGE.
  *
- *      $Id: cam_xpt.c,v 1.1 1998/09/15 06:33:23 gibbs Exp $
+ *      $Id: cam_xpt.c,v 1.2 1998/09/15 22:05:44 gibbs Exp $
  */
 #include <sys/param.h>
 #include <sys/systm.h>
@@ -633,6 +633,12 @@ xptopen(dev_t dev, int flags, int fmt, struct proc *p)
 	unit = minor(dev) & 0xff;
 
 	/*
+	 * Only allow read-write access.
+	 */
+	if (((flags & FWRITE) == 0) || ((flags & FREAD) == 0))
+		return(EPERM);
+
+	/*
 	 * We don't allow nonblocking access.
 	 */
 	if ((flags & O_NONBLOCK) != 0) {
author	ken <ken@FreeBSD.org>	1998-09-16 00:11:53 +0000
committer	ken <ken@FreeBSD.org>	1998-09-16 00:11:53 +0000
commit	89e0714ec8ca56c1915b929c1fd0944a419c7118 (patch)
tree	d9c10ba03ffa023d86c96c024127b7a8363b8ae9 /sys/cam/cam_xpt.c
parent	15f661935007c0c8bc9255a25ead531f7296acd4 (diff)
download	FreeBSD-src-89e0714ec8ca56c1915b929c1fd0944a419c7118.zip FreeBSD-src-89e0714ec8ca56c1915b929c1fd0944a419c7118.tar.gz