diff options
author | phk <phk@FreeBSD.org> | 2000-08-20 08:36:26 +0000 |
---|---|---|
committer | phk <phk@FreeBSD.org> | 2000-08-20 08:36:26 +0000 |
commit | 3d2aecdc81ed97cfbe436b52fc98b64db180e3ba (patch) | |
tree | 55c272da20b4e053d7634d0f42eb73a594cf619e /sys/kern/vfs_subr.c | |
parent | 936d03c5051b75e93717f207de0e6a3764c41cd7 (diff) | |
download | FreeBSD-src-3d2aecdc81ed97cfbe436b52fc98b64db180e3ba.zip FreeBSD-src-3d2aecdc81ed97cfbe436b52fc98b64db180e3ba.tar.gz |
Centralize the canonical vop_access user/group/other check in vaccess().
Discussed with: bde
Diffstat (limited to 'sys/kern/vfs_subr.c')
-rw-r--r-- | sys/kern/vfs_subr.c | 54 |
1 files changed, 54 insertions, 0 deletions
diff --git a/sys/kern/vfs_subr.c b/sys/kern/vfs_subr.c index db16d9f..d9c4260 100644 --- a/sys/kern/vfs_subr.c +++ b/sys/kern/vfs_subr.c @@ -2984,3 +2984,57 @@ NDFREE(ndp, flags) ndp->ni_startdir = NULL; } } + +int +vaccess(type, file_mode, uid, gid, acc_mode, cred) + enum vtype type; + mode_t file_mode; + uid_t uid; + gid_t gid; + mode_t acc_mode; + struct ucred *cred; +{ + mode_t mask; + + /* + * At this point, uid == 0 can do anything. + * XXX: should use suser() ? */ + * XXX: Should only check root-ness after other checks fail. + */ + if (cred->cr_uid == 0) + return (0); + + mask = 0; + + /* Otherwise, check the owner. */ + if (cred->cr_uid == uid) { + if (acc_mode & VEXEC) + mask |= S_IXUSR; + if (acc_mode & VREAD) + mask |= S_IRUSR; + if (acc_mode & VWRITE) + mask |= S_IWUSR; + return ((file_mode & mask) == mask ? 0 : EACCES); + } + + /* Otherwise, check for all groups. */ + if (groupmember(gid, cred)) { + if (acc_mode & VEXEC) + mask |= S_IXGRP; + if (acc_mode & VREAD) + mask |= S_IRGRP; + if (acc_mode & VWRITE) + mask |= S_IWGRP; + return ((file_mode & mask) == mask ? 0 : EACCES); + } + + /* Otherwise, check everyone else. */ + if (acc_mode & VEXEC) + mask |= S_IXOTH; + if (acc_mode & VREAD) + mask |= S_IROTH; + if (acc_mode & VWRITE) + mask |= S_IWOTH; + return ((file_mode & mask) == mask ? 0 : EACCES); +} + |