From owner-cvs-all Sun Apr 29 12:53:53 2001 Delivered-To: cvs-all@freebsd.org Received: from freefall.freebsd.org (freefall.freebsd.org [216.136.204.21]) by hub.freebsd.org (Postfix) with ESMTP id A6A7937B43F; Sun, 29 Apr 2001 12:53:50 -0700 (PDT) (envelope-from rwatson@FreeBSD.org) Received: (from rwatson@localhost) by freefall.freebsd.org (8.11.1/8.11.1) id f3TJro054320; Sun, 29 Apr 2001 12:53:50 -0700 (PDT) (envelope-from rwatson) Message-Id: <200104291953.f3TJro054320@freefall.freebsd.org> From: Robert Watson Date: Sun, 29 Apr 2001 12:53:50 -0700 (PDT) To: cvs-committers@FreeBSD.org, cvs-all@FreeBSD.org Subject: cvs commit: src/sys/kern kern_acl.c X-FreeBSD-CVS-Branch: HEAD Sender: owner-cvs-all@FreeBSD.ORG Precedence: bulk X-Loop: FreeBSD.ORG rwatson 2001/04/29 12:53:50 PDT Modified files: sys/kern kern_acl.c Log: o As part of the move to not maintaining copies of the vnode owning uid and gid in the ACL, vaccess_acl_posix1e() was changed to accept explicit file_uid and file_gid as arguments. However, in making the change, I explicitly checked file_gid against cr->cr_groups[0], rather than using groupmember, resulting in ACL_GROUP_OBJ entries being compared to the caller's effective gid only, not the remainder of its groups. This was recently corrected for the version of the group call without privilege, but the second test (when privilege is added) was missed. This change replaces an additiona cr->cr_groups[0] check with groupmember(). Pointed out by: jedgar Reviewed by: jedgar Obtained from: TrustedBSD Project Revision Changes Path 1.12 +2 -2 src/sys/kern/kern_acl.c To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe cvs-all" in the body of the message