summaryrefslogtreecommitdiffstats
path: root/sys/kern/uipc_sem.c
diff options
context:
space:
mode:
Diffstat (limited to 'sys/kern/uipc_sem.c')
-rw-r--r--sys/kern/uipc_sem.c17
1 files changed, 13 insertions, 4 deletions
diff --git a/sys/kern/uipc_sem.c b/sys/kern/uipc_sem.c
index 8de7d8f..340c1a6 100644
--- a/sys/kern/uipc_sem.c
+++ b/sys/kern/uipc_sem.c
@@ -42,6 +42,7 @@ __FBSDID("$FreeBSD$");
#include <sys/sysproto.h>
#include <sys/eventhandler.h>
#include <sys/kernel.h>
+#include <sys/priv.h>
#include <sys/proc.h>
#include <sys/lock.h>
#include <sys/mutex.h>
@@ -419,15 +420,23 @@ sem_perm(struct thread *td, struct ksem *ks)
{
struct ucred *uc;
+ /*
+ * XXXRW: This permission routine appears to be incorrect. If the
+ * user matches, we shouldn't go on to the group if the user
+ * permissions don't allow the action? Not changed for now. To fix,
+ * change from a series of if (); if (); to if () else if () else...
+ */
uc = td->td_ucred;
DP(("sem_perm: uc(%d,%d) ks(%d,%d,%o)\n",
uc->cr_uid, uc->cr_gid,
ks->ks_uid, ks->ks_gid, ks->ks_mode));
- if ((uc->cr_uid == ks->ks_uid && (ks->ks_mode & S_IWUSR) != 0) ||
- (uc->cr_gid == ks->ks_gid && (ks->ks_mode & S_IWGRP) != 0) ||
- (ks->ks_mode & S_IWOTH) != 0 || suser(td) == 0)
+ if ((uc->cr_uid == ks->ks_uid) && (ks->ks_mode & S_IWUSR) != 0)
+ return (0);
+ if ((uc->cr_gid == ks->ks_gid) && (ks->ks_mode & S_IWGRP) != 0)
+ return (0);
+ if ((ks->ks_mode & S_IWOTH) != 0)
return (0);
- return (EPERM);
+ return (priv_check(td, PRIV_SEM_WRITE));
}
static void
OpenPOWER on IntegriCloud