Allow file system owner to modify system flags if securelevel permits.

MFC after: 3 days
author: pjd <pjd@FreeBSD.org> 2009-10-08 16:05:17 +0000
committer: pjd <pjd@FreeBSD.org> 2009-10-08 16:05:17 +0000
commit: 91e8f12740ed6a3e1d23db4edaa7e819e5618251 (patch)
tree: d3c717750bf8b6cda9663d4c35ec4de48c32fa83 /sys/cddl/compat/opensolaris/kern
parent: 4a0c1891f4d08b211f16e0cf75ca100bc6870dda (diff)
download: FreeBSD-src-91e8f12740ed6a3e1d23db4edaa7e819e5618251.zip
FreeBSD-src-91e8f12740ed6a3e1d23db4edaa7e819e5618251.tar.gz
1 files changed, 4 insertions, 1 deletions
diff --git a/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c b/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c
index 040f27d..865fba3 100644
--- a/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c
+++ b/sys/cddl/compat/opensolaris/kern/opensolaris_policy.c
@@ -358,8 +358,11 @@ secpolicy_fs_mount_clearopts(cred_t *cr, struct mount *vfsp)
  * Check privileges for setting xvattr attributes
  */
 int
-secpolicy_xvattr(xvattr_t *xvap, uid_t owner, cred_t *cr, vtype_t vtype)
+secpolicy_xvattr(struct vnode *vp, xvattr_t *xvap, uid_t owner, cred_t *cr,
+    vtype_t vtype)
 {
 
+	if (secpolicy_fs_owner(vp->v_mount, cr) == 0)
+		return (0);
 	return (priv_check_cred(cr, PRIV_VFS_SYSFLAGS, 0));
 }
author	pjd <pjd@FreeBSD.org>	2009-10-08 16:05:17 +0000
committer	pjd <pjd@FreeBSD.org>	2009-10-08 16:05:17 +0000
commit	91e8f12740ed6a3e1d23db4edaa7e819e5618251 (patch)
tree	d3c717750bf8b6cda9663d4c35ec4de48c32fa83 /sys/cddl/compat/opensolaris/kern
parent	4a0c1891f4d08b211f16e0cf75ca100bc6870dda (diff)
download	FreeBSD-src-91e8f12740ed6a3e1d23db4edaa7e819e5618251.zip FreeBSD-src-91e8f12740ed6a3e1d23db4edaa7e819e5618251.tar.gz