summaryrefslogtreecommitdiffstats
path: root/sys/kern/vfs_export.c
diff options
context:
space:
mode:
authorphk <phk@FreeBSD.org>2000-08-20 08:36:26 +0000
committerphk <phk@FreeBSD.org>2000-08-20 08:36:26 +0000
commit3d2aecdc81ed97cfbe436b52fc98b64db180e3ba (patch)
tree55c272da20b4e053d7634d0f42eb73a594cf619e /sys/kern/vfs_export.c
parent936d03c5051b75e93717f207de0e6a3764c41cd7 (diff)
downloadFreeBSD-src-3d2aecdc81ed97cfbe436b52fc98b64db180e3ba.zip
FreeBSD-src-3d2aecdc81ed97cfbe436b52fc98b64db180e3ba.tar.gz
Centralize the canonical vop_access user/group/other check in vaccess().
Discussed with: bde
Diffstat (limited to 'sys/kern/vfs_export.c')
-rw-r--r--sys/kern/vfs_export.c54
1 files changed, 54 insertions, 0 deletions
diff --git a/sys/kern/vfs_export.c b/sys/kern/vfs_export.c
index db16d9f..d9c4260 100644
--- a/sys/kern/vfs_export.c
+++ b/sys/kern/vfs_export.c
@@ -2984,3 +2984,57 @@ NDFREE(ndp, flags)
ndp->ni_startdir = NULL;
}
}
+
+int
+vaccess(type, file_mode, uid, gid, acc_mode, cred)
+ enum vtype type;
+ mode_t file_mode;
+ uid_t uid;
+ gid_t gid;
+ mode_t acc_mode;
+ struct ucred *cred;
+{
+ mode_t mask;
+
+ /*
+ * At this point, uid == 0 can do anything.
+ * XXX: should use suser() ? */
+ * XXX: Should only check root-ness after other checks fail.
+ */
+ if (cred->cr_uid == 0)
+ return (0);
+
+ mask = 0;
+
+ /* Otherwise, check the owner. */
+ if (cred->cr_uid == uid) {
+ if (acc_mode & VEXEC)
+ mask |= S_IXUSR;
+ if (acc_mode & VREAD)
+ mask |= S_IRUSR;
+ if (acc_mode & VWRITE)
+ mask |= S_IWUSR;
+ return ((file_mode & mask) == mask ? 0 : EACCES);
+ }
+
+ /* Otherwise, check for all groups. */
+ if (groupmember(gid, cred)) {
+ if (acc_mode & VEXEC)
+ mask |= S_IXGRP;
+ if (acc_mode & VREAD)
+ mask |= S_IRGRP;
+ if (acc_mode & VWRITE)
+ mask |= S_IWGRP;
+ return ((file_mode & mask) == mask ? 0 : EACCES);
+ }
+
+ /* Otherwise, check everyone else. */
+ if (acc_mode & VEXEC)
+ mask |= S_IXOTH;
+ if (acc_mode & VREAD)
+ mask |= S_IROTH;
+ if (acc_mode & VWRITE)
+ mask |= S_IWOTH;
+ return ((file_mode & mask) == mask ? 0 : EACCES);
+}
+
OpenPOWER on IntegriCloud