diff options
author | rwatson <rwatson@FreeBSD.org> | 2007-04-21 18:11:19 +0000 |
---|---|---|
committer | rwatson <rwatson@FreeBSD.org> | 2007-04-21 18:11:19 +0000 |
commit | 32f12b60cc993453e0419d55699f883edd7feeb5 (patch) | |
tree | c01699d851b69d7ae36f215085155bda57bc12f7 /sys/nfsclient | |
parent | cca3de2c55be08432928aafb01996eb30f5ebcf0 (diff) | |
download | FreeBSD-src-32f12b60cc993453e0419d55699f883edd7feeb5.zip FreeBSD-src-32f12b60cc993453e0419d55699f883edd7feeb5.tar.gz |
Attempt to rationalize NFS privileges:
- Replace PRIV_NFSD with PRIV_NFS_DAEMON, add PRIV_NFS_LOCKD.
- Use PRIV_NFS_DAEMON in the NFS server.
- In the NFS client, move the privilege check from nfslockdans(), which
occurs every time a write is performed on /dev/nfslock, and instead do it
in nfslock_open() just once. This allows us to avoid checking the saved
uid for root, and just use the effective on open. Use PRIV_NFS_LOCKD.
Diffstat (limited to 'sys/nfsclient')
-rw-r--r-- | sys/nfsclient/nfs_lock.c | 16 |
1 files changed, 5 insertions, 11 deletions
diff --git a/sys/nfsclient/nfs_lock.c b/sys/nfsclient/nfs_lock.c index 18bf1b2..be334c7 100644 --- a/sys/nfsclient/nfs_lock.c +++ b/sys/nfsclient/nfs_lock.c @@ -43,6 +43,7 @@ __FBSDID("$FreeBSD$"); #include <sys/mbuf.h> #include <sys/mount.h> #include <sys/namei.h> +#include <sys/priv.h> #include <sys/proc.h> #include <sys/resourcevar.h> #include <sys/socket.h> @@ -85,6 +86,10 @@ nfslock_open(struct cdev *dev, int oflags, int devtype, struct thread *td) { int error; + error = priv_check(td, PRIV_NFS_LOCKD); + if (error) + return (error); + mtx_lock(&nfslock_mtx); if (!nfslock_isopen) { error = 0; @@ -339,17 +344,6 @@ static int nfslockdans(struct thread *td, struct lockd_ans *ansp) { struct proc *targetp; - int error; - - /* Let root, or someone who once was root (lockd generally - * switches to the daemon uid once it is done setting up) make - * this call. - * - * XXX This authorization check is probably not right. - */ - if ((error = suser(td)) != 0 && - td->td_ucred->cr_svuid != 0) - return (error); /* the version should match, or we're out of sync */ if (ansp->la_vers != LOCKD_ANS_VERSION) |