diff options
Diffstat (limited to 'lib/libc/posix1e')
| -rw-r--r-- | lib/libc/posix1e/Makefile.inc | 2 | ||||
| -rw-r--r-- | lib/libc/posix1e/acl_delete_entry.c | 7 | ||||
| -rw-r--r-- | lib/libc/posix1e/acl_from_text.c | 1 | ||||
| -rw-r--r-- | lib/libc/posix1e/acl_to_text.c | 7 | ||||
| -rw-r--r-- | lib/libc/posix1e/mac.3 | 4 |
5 files changed, 14 insertions, 7 deletions
diff --git a/lib/libc/posix1e/Makefile.inc b/lib/libc/posix1e/Makefile.inc index c9e78bd..30e3986 100644 --- a/lib/libc/posix1e/Makefile.inc +++ b/lib/libc/posix1e/Makefile.inc @@ -119,3 +119,5 @@ MLINKS+=acl_create_entry.3 acl_create_entry_np.3\ mac_set.3 mac_set_proc.3 \ mac_text.3 mac_from_text.3 \ mac_text.3 mac_to_text.3 + +CLEANFILES+= subr_acl_nfs4.c diff --git a/lib/libc/posix1e/acl_delete_entry.c b/lib/libc/posix1e/acl_delete_entry.c index 7dd60b8..09b4507 100644 --- a/lib/libc/posix1e/acl_delete_entry.c +++ b/lib/libc/posix1e/acl_delete_entry.c @@ -75,6 +75,7 @@ int acl_delete_entry(acl_t acl, acl_entry_t entry_d) { struct acl *acl_int; + struct acl_entry entry_int; int i, j, found = 0; if (acl == NULL || entry_d == NULL) { @@ -94,8 +95,12 @@ acl_delete_entry(acl_t acl, acl_entry_t entry_d) errno = EINVAL; return (-1); } + + /* Use a local copy to prevent deletion of more than this entry */ + entry_int = *entry_d; + for (i = 0; i < acl->ats_acl.acl_cnt;) { - if (_entry_matches(&(acl->ats_acl.acl_entry[i]), entry_d)) { + if (_entry_matches(&(acl->ats_acl.acl_entry[i]), &entry_int)) { /* ...shift the remaining entries... */ for (j = i; j < acl->ats_acl.acl_cnt - 1; ++j) acl->ats_acl.acl_entry[j] = diff --git a/lib/libc/posix1e/acl_from_text.c b/lib/libc/posix1e/acl_from_text.c index 98c5426..c600987 100644 --- a/lib/libc/posix1e/acl_from_text.c +++ b/lib/libc/posix1e/acl_from_text.c @@ -257,6 +257,7 @@ acl_from_text(const char *buf_p) } #endif + free(mybuf_p); return(acl); error_label: diff --git a/lib/libc/posix1e/acl_to_text.c b/lib/libc/posix1e/acl_to_text.c index 79a950a..e5fd1f7 100644 --- a/lib/libc/posix1e/acl_to_text.c +++ b/lib/libc/posix1e/acl_to_text.c @@ -39,7 +39,6 @@ __FBSDID("$FreeBSD$"); #include <stdio.h> #include <stdlib.h> #include <string.h> -#include <utmp.h> #include "acl_support.h" @@ -58,7 +57,7 @@ _posix1e_acl_to_text(acl_t acl, ssize_t *len_p, int flags) { struct acl *acl_int; char *buf, *tmpbuf; - char name_buf[UT_NAMESIZE+1]; + char name_buf[MAXLOGNAME]; char perm_buf[_POSIX1E_ACL_STRING_PERM_MAXSIZE+1], effective_perm_buf[_POSIX1E_ACL_STRING_PERM_MAXSIZE+1]; int i, error, len; @@ -103,7 +102,7 @@ _posix1e_acl_to_text(acl_t acl, ssize_t *len_p, int flags) goto error_label; error = _posix1e_acl_id_to_name(ae_tag, ae_id, - UT_NAMESIZE+1, name_buf, flags); + MAXLOGNAME, name_buf, flags); if (error) goto error_label; @@ -163,7 +162,7 @@ _posix1e_acl_to_text(acl_t acl, ssize_t *len_p, int flags) goto error_label; error = _posix1e_acl_id_to_name(ae_tag, ae_id, - UT_NAMESIZE+1, name_buf, flags); + MAXLOGNAME, name_buf, flags); if (error) goto error_label; diff --git a/lib/libc/posix1e/mac.3 b/lib/libc/posix1e/mac.3 index c570998..6499d6b 100644 --- a/lib/libc/posix1e/mac.3 +++ b/lib/libc/posix1e/mac.3 @@ -154,8 +154,8 @@ system objects, but without policy-specific knowledge. .Sh STANDARDS These APIs are loosely based on the APIs described in POSIX.1e, as described in IEEE POSIX.1e draft 17. -However, the resemblence of these APIS to the POSIX APIs is loose, as the -PSOXI APIS were unable to express some notinos required for flexible and +However, the resemblence of these APIs to the POSIX APIs is loose, as the +POSIX APIs were unable to express some notions required for flexible and extensible access control. .Sh HISTORY Support for Mandatory Access Control was introduced in |
