diff options
author | ed <ed@FreeBSD.org> | 2008-06-01 14:02:46 +0000 |
---|---|---|
committer | ed <ed@FreeBSD.org> | 2008-06-01 14:02:46 +0000 |
commit | 2090338957dde65fcb07617b8131344a068f70ff (patch) | |
tree | 7dc1c42c9f044d9ddc59e5ad05ea3f7cc133d5b6 /sys/fs/devfs | |
parent | 9753f2182a914b83ed5a2c6a70a9d9f5b181f8f3 (diff) | |
download | FreeBSD-src-2090338957dde65fcb07617b8131344a068f70ff.zip FreeBSD-src-2090338957dde65fcb07617b8131344a068f70ff.tar.gz |
Revert the changes I made to devfs_setattr() in r179457.
As discussed with Robert Watson and John Baldwin, it would be better if
PTY's are created with proper permissions, turning grantpt() into a
no-op.
Bypassing security frameworks like MAC by passing NOCRED to
VOP_SETATTR() will only make things more complex.
Approved by: philip (mentor)
Diffstat (limited to 'sys/fs/devfs')
-rw-r--r-- | sys/fs/devfs/devfs_vnops.c | 7 |
1 files changed, 3 insertions, 4 deletions
diff --git a/sys/fs/devfs/devfs_vnops.c b/sys/fs/devfs/devfs_vnops.c index 724f082..813f3a5 100644 --- a/sys/fs/devfs/devfs_vnops.c +++ b/sys/fs/devfs/devfs_vnops.c @@ -1264,9 +1264,8 @@ devfs_setattr(struct vop_setattr_args *ap) else gid = vap->va_gid; if (uid != de->de_uid || gid != de->de_gid) { - if (ap->a_cred != NOCRED && - (ap->a_cred->cr_uid != de->de_uid || uid != de->de_uid || - (gid != de->de_gid && !groupmember(gid, ap->a_cred)))) { + if ((ap->a_cred->cr_uid != de->de_uid) || uid != de->de_uid || + (gid != de->de_gid && !groupmember(gid, ap->a_cred))) { error = priv_check(ap->a_td, PRIV_VFS_CHOWN); if (error) return (error); @@ -1277,7 +1276,7 @@ devfs_setattr(struct vop_setattr_args *ap) } if (vap->va_mode != (mode_t)VNOVAL) { - if (ap->a_cred != NOCRED && ap->a_cred->cr_uid != de->de_uid) { + if (ap->a_cred->cr_uid != de->de_uid) { error = priv_check(ap->a_td, PRIV_VFS_ADMIN); if (error) return (error); |